Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-44431 (GCVE-0-2026-44431)
Vulnerability from cvelistv5 – Published: 2026-05-13 15:20 – Updated: 2026-06-26 11:01- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
| URL | Tags |
|---|---|
| https://github.com/urllib3/urllib3/security/advis… | x_refsource_CONFIRM |
| https://lists.debian.org/debian-lts-announce/2026… |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T16:51:26.677054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:17:07.339Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-06-26T11:01:19.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2026/06/msg00040.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "urllib3",
"vendor": "urllib3",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.23, \u003c 2.7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:20:24.588Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"source": {
"advisory": "GHSA-qccp-gfcp-xxvc",
"discovery": "UNKNOWN"
},
"title": "urllib3: Sensitive headers forwarded across origins in proxied low-level redirects"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-44431",
"datePublished": "2026-05-13T15:20:24.588Z",
"dateReserved": "2026-05-06T14:40:00.954Z",
"dateUpdated": "2026-06-26T11:01:19.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-44431",
"date": "2026-07-01",
"epss": "0.00527",
"percentile": "0.40648"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-44431\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-13T16:16:57.150\",\"lastModified\":\"2026-06-26T12:16:32.423\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"urllib3\",\"product\":\"urllib3\",\"versions\":[{\"version\":\"\u003e= 1.23, \u003c 2.7.0\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-13T16:51:26.677054Z\",\"id\":\"CVE-2026-44431\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.23\",\"versionEndExcluding\":\"2.7.0\",\"matchCriteriaId\":\"FEC8DBA3-7985-45C5-A453-F83EC4BD18DA\"}]}]}],\"references\":[{\"url\":\"https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/06/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2026/06/msg00040.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-06-26T11:01:19.373Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-44431\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-13T16:51:26.677054Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-13T17:15:24.639Z\"}}], \"cna\": {\"title\": \"urllib3: Sensitive headers forwarded across origins in proxied low-level redirects\", \"source\": {\"advisory\": \"GHSA-qccp-gfcp-xxvc\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"urllib3\", \"product\": \"urllib3\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.23, \u003c 2.7.0\"}]}], \"references\": [{\"url\": \"https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\", \"name\": \"https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-05-13T15:20:24.588Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-44431\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-26T11:01:19.373Z\", \"dateReserved\": \"2026-05-06T14:40:00.954Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-05-13T15:20:24.588Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:24544
Vulnerability from csaf_redhat - Published: 2026-06-08 17:52 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64 | — |
Vendor Fix
fix
|
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference 3.4.1 (cuda) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AI Inference",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:24544",
"url": "https://access.redhat.com/errata/RHSA-2026:24544"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_24544.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference 3.4.1 (cuda)",
"tracking": {
"current_release_date": "2026-07-02T05:40:16+00:00",
"generator": {
"date": "2026-07-02T05:40:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:24544",
"initial_release_date": "2026-06-08T17:52:59+00:00",
"revision_history": [
{
"date": "2026-06-08T17:52:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-08T17:53:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.4",
"product": {
"name": "Red Hat AI Inference Server 3.4",
"product_id": "Red Hat AI Inference Server 3.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"product": {
"name": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"product_id": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3A3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0?arch=amd64\u0026repository_url=registry.redhat.io/rhaii/vllm-cuda-rhel9\u0026tag=1780356914"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64",
"product": {
"name": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64",
"product_id": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3A6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50?arch=arm64\u0026repository_url=registry.redhat.io/rhaii/vllm-cuda-rhel9\u0026tag=1780356914"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64 as a component of Red Hat AI Inference Server 3.4",
"product_id": "Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64"
},
"product_reference": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64 as a component of Red Hat AI Inference Server 3.4",
"product_id": "Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
},
"product_reference": "registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T17:52:59+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:24544",
"product_ids": [
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24544"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T17:52:59+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:24544",
"product_ids": [
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24544"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:3c71d1adbb5d811a19c04d1d4d907d0a67fd671dd5c3638d2f8ed5ad363192e0_amd64",
"Red Hat AI Inference Server 3.4:registry.redhat.io/rhaii/vllm-cuda-rhel9@sha256:6ce25732de012437b2087e37cffdc6aff2480aed1940591e00d7c65395d11c50_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
}
]
}
RHSA-2026:25039
Vulnerability from csaf_redhat - Published: 2026-06-10 09:34 - Updated: 2026-07-02 05:40A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.
A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.
A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
A flaw was found in joserfc, a Python library for JSON Object Signing and Encryption (JOSE). This vulnerability allows a remote attacker to cause resource exhaustion, leading to a Denial of Service (DoS), by sending oversized JSON Web Signature (JWS) payloads. The library fails to apply size limits, specifically JWSRegistry.max_payload_length, when processing RFC7797 b64=false JWS payloads.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:jaeger-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:jaeger-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:jaeger-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\njaeger:\n * jaeger-2.19.0-1.hum1 (aarch64, x86_64)\n * jaeger-2.19.0-1.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:25039",
"url": "https://access.redhat.com/errata/RHSA-2026:25039"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48990",
"url": "https://access.redhat.com/security/cve/CVE-2026-48990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42154",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42151",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25039.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-02T05:40:16+00:00",
"generator": {
"date": "2026-07-02T05:40:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:25039",
"initial_release_date": "2026-06-10T09:34:54+00:00",
"revision_history": [
{
"date": "2026-06-10T09:34:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-28T15:08:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "jaeger-main@aarch64",
"product": {
"name": "jaeger-main@aarch64",
"product_id": "jaeger-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jaeger@2.19.0-1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "jaeger-main@src",
"product": {
"name": "jaeger-main@src",
"product_id": "jaeger-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jaeger@2.19.0-1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jaeger-main@x86_64",
"product": {
"name": "jaeger-main@x86_64",
"product_id": "jaeger-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jaeger@2.19.0-1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jaeger-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:jaeger-main@aarch64"
},
"product_reference": "jaeger-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jaeger-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:jaeger-main@src"
},
"product_reference": "jaeger-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jaeger-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:jaeger-main@x86_64"
},
"product_reference": "jaeger-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42151",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"discovery_date": "2026-05-04T19:02:26.983660+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466507"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "RHBZ#2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18587",
"url": "https://github.com/prometheus/prometheus/pull/18587"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18590",
"url": "https://github.com/prometheus/prometheus/pull/18590"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
}
],
"release_date": "2026-05-04T18:12:16.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T09:34:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25039"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
},
{
"cve": "CVE-2026-42154",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-04T19:02:19.626646+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "RHBZ#2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18584",
"url": "https://github.com/prometheus/prometheus/pull/18584"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18585",
"url": "https://github.com/prometheus/prometheus/pull/18585"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
}
],
"release_date": "2026-05-04T18:13:12.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T09:34:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25039"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
},
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T09:34:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25039"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T09:34:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25039"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
},
{
"cve": "CVE-2026-48990",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-17T22:00:51.839483+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2490168"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in joserfc, a Python library for JSON Object Signing and Encryption (JOSE). This vulnerability allows a remote attacker to cause resource exhaustion, leading to a Denial of Service (DoS), by sending oversized JSON Web Signature (JWS) payloads. The library fails to apply size limits, specifically JWSRegistry.max_payload_length, when processing RFC7797 b64=false JWS payloads.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "joserfc: joserfc: Resource exhaustion via oversized JSON Web Signature (JWS) payloads",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48990"
},
{
"category": "external",
"summary": "RHBZ#2490168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2490168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48990"
},
{
"category": "external",
"summary": "https://github.com/authlib/joserfc/releases/tag/1.6.7",
"url": "https://github.com/authlib/joserfc/releases/tag/1.6.7"
},
{
"category": "external",
"summary": "https://github.com/authlib/joserfc/security/advisories/GHSA-wphv-vfrh-23q5",
"url": "https://github.com/authlib/joserfc/security/advisories/GHSA-wphv-vfrh-23q5"
}
],
"release_date": "2026-06-17T21:08:10.534000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T09:34:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25039"
},
{
"category": "workaround",
"details": "The risk can be mitigated by rejecting oversized serialized JWS inputs before they reach joserfc and enforcing strict request/body size limits at the application or reverse-proxy layer.",
"product_ids": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:jaeger-main@aarch64",
"Red Hat Hardened Images:jaeger-main@src",
"Red Hat Hardened Images:jaeger-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "joserfc: joserfc: Resource exhaustion via oversized JSON Web Signature (JWS) payloads"
}
]
}
RHSA-2026:25928
Vulnerability from csaf_redhat - Published: 2026-06-15 08:51 - Updated: 2026-07-02 05:40A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth (Open Authorization) access token before a user logs out, they can continue to authenticate and access sensitive data. This is because the application fails to invalidate the token on the backend, leaving it valid until its natural expiration. This can lead to unauthorized read access to Ansible resources such as inventories, playbooks, and configuration data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64 | — |
Workaround
|
A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64 | — |
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64 | — |
A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the secret key for the HMAC algorithm, leading to the ability to forge JWTs. This vulnerability can result in authentication bypass or unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64 | — | ||
| Unresolved product id: Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.7",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nFor details about this release, refer to the release notes listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:25928",
"url": "https://access.redhat.com/errata/RHSA-2026:25928"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44188",
"url": "https://access.redhat.com/security/cve/CVE-2026-44188"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48526",
"url": "https://access.redhat.com/security/cve/CVE-2026-48526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7/whats_new-async_updates",
"url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7/whats_new-async_updates"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25928.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.7 Container Release Update",
"tracking": {
"current_release_date": "2026-07-02T05:40:16+00:00",
"generator": {
"date": "2026-07-02T05:40:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:25928",
"initial_release_date": "2026-06-15T08:51:13+00:00",
"revision_history": [
{
"date": "2026-06-15T08:51:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-15T08:51:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.7",
"product": {
"name": "Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256%3A8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=1781122716"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcp-server-rhel9@sha256%3A7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9\u0026tag=1780741250"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel9@sha256%3A51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9\u0026tag=1780676763"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256%3A32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=1781122716"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256%3A0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9\u0026tag=1781101539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-devspaces-rhel9@sha256%3Aa6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9\u0026tag=1781112811"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-dev-tools-rhel9@sha256%3Aa8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9\u0026tag=1780676633"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-chatbot-rhel9@sha256%3A2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9\u0026tag=1781042555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel9@sha256%3Ad10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9\u0026tag=1781025813"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel9-operator@sha256%3A6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator\u0026tag=1781012601"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcp-tools-rhel9@sha256%3Ae6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9\u0026tag=1781030318"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel9@sha256%3A5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/controller-rhel9\u0026tag=1781097765"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel9-operator@sha256%3A5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator\u0026tag=1781020811"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9@sha256%3Adfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9\u0026tag=1781028735"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9-operator@sha256%3Aa18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator\u0026tag=1780676212"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel9@sha256%3Afe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9\u0026tag=1781030866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gateway-rhel9@sha256%3Abd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/gateway-rhel9\u0026tag=1781044628"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gateway-rhel9-operator@sha256%3Aeca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator\u0026tag=1781031115"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gateway-proxy-rhel9@sha256%3Ad15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9\u0026tag=1781112272"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel9@sha256%3Acdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/hub-rhel9\u0026tag=1781102816"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel9-operator@sha256%3A3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator\u0026tag=1780676321"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel9@sha256%3Afb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9\u0026tag=1781105214"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-service-rhel9-operator@sha256%3A7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator\u0026tag=1781020387"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-service-rhel9@sha256%3Aee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9\u0026tag=1780937494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256%3A55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9\u0026tag=1781036795"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256%3A5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9\u0026tag=1781038454"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256%3Aabaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9\u0026tag=1781093888"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256%3Afcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9\u0026tag=1781118924"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel9-operator@sha256%3A3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator\u0026tag=1781102902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel9@sha256%3A41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9\u0026tag=1781104458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"product_identification_helper": {
"purl": "pkg:oci/receptor-rhel9@sha256%3A1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/receptor-rhel9\u0026tag=1780679838"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcp-server-rhel9@sha256%3A302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9\u0026tag=1780741250"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel9@sha256%3A8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9\u0026tag=1780676763"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256%3Af75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9\u0026tag=1781101539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-devspaces-rhel9@sha256%3A2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9\u0026tag=1781112811"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-dev-tools-rhel9@sha256%3A7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9\u0026tag=1780676633"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-chatbot-rhel9@sha256%3Ac014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9\u0026tag=1781042555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel9@sha256%3Ad02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9\u0026tag=1781025813"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel9-operator@sha256%3A121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator\u0026tag=1781012601"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcp-tools-rhel9@sha256%3Af07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9\u0026tag=1781030318"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel9@sha256%3Addb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/controller-rhel9\u0026tag=1781097765"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel9-operator@sha256%3Aafca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator\u0026tag=1781020811"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9@sha256%3Adaefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9\u0026tag=1781028735"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel9-operator@sha256%3Ab58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator\u0026tag=1780676212"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel9@sha256%3Abd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9\u0026tag=1781030866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gateway-rhel9@sha256%3Aa961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/gateway-rhel9\u0026tag=1781044628"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gateway-rhel9-operator@sha256%3Ade3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator\u0026tag=1781031115"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gateway-proxy-rhel9@sha256%3Ae78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9\u0026tag=1781112272"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel9@sha256%3A3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/hub-rhel9\u0026tag=1781102816"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel9-operator@sha256%3Ac738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator\u0026tag=1780676321"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel9@sha256%3Aadca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9\u0026tag=1781105214"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-service-rhel9-operator@sha256%3Ad71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator\u0026tag=1781020387"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/metrics-service-rhel9@sha256%3Ace4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9\u0026tag=1780937494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256%3A587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9\u0026tag=1781036795"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256%3A830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9\u0026tag=1781038454"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256%3Ac4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9\u0026tag=1781093888"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256%3A017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9\u0026tag=1781118924"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel9-operator@sha256%3A7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator\u0026tag=1781102902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel9@sha256%3Af30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9\u0026tag=1781104458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/receptor-rhel9@sha256%3A5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-27/receptor-rhel9\u0026tag=1780679838"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64 as a component of Red Hat Ansible Automation Platform 2.7",
"product_id": "Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Laura Pardo"
],
"organization": "Red Hat Inc.",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-44188",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"discovery_date": "2026-05-05T15:02:26.016000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466764"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ansible Lightspeed. This vulnerability, related to insufficient session expiration, allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth (Open Authorization) access token before a user logs out, they can continue to authenticate and access sensitive data. This is because the application fails to invalidate the token on the backend, leaving it valid until its natural expiration. This can lead to unauthorized read access to Ansible resources such as inventories, playbooks, and configuration data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ansible-lightspeed: Ansible Lightspeed: Session hijacking and unauthorized data access due to insufficient session expiration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate vulnerability in Ansible Lightspeed allows for post-logout session hijacking. An attacker who obtains a valid OAuth token before a user logs out can maintain persistent unauthorized access to Ansible Automation Platform resources, including inventories and playbooks, because the backend token is not invalidated upon client-side logout. This risk is primarily for data confidentiality, as current token scopes are read-only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64"
],
"known_not_affected": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44188"
},
{
"category": "external",
"summary": "RHBZ#2466764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44188"
}
],
"release_date": "2026-06-15T08:08:37.961000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T08:51:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7#Upgrade",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25928"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ansible-lightspeed: Ansible Lightspeed: Session hijacking and unauthorized data access due to insufficient session expiration"
},
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64"
],
"known_not_affected": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T08:51:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7#Upgrade",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64"
],
"known_not_affected": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T08:51:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7#Upgrade",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
},
{
"cve": "CVE-2026-48526",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-05-28T16:01:22.805235+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2482734"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PyJWT, a Python library for JSON Web Token (JWT) implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys (JWK) in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer\u0027s public key as the secret key for the HMAC algorithm, leading to the ability to forge JWTs. This vulnerability can result in authentication bypass or unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64"
],
"known_not_affected": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48526"
},
{
"category": "external",
"summary": "RHBZ#2482734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
},
{
"category": "external",
"summary": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx",
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx"
}
],
"release_date": "2026-05-28T15:09:09.258000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T08:51:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.7#Upgrade",
"product_ids": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:51ed36bb2a95df762fa0239faf7bcc70b68dbd5f744bd2094f5e29ecc6700eb3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/aap-must-gather-rhel9@sha256:8426a97219763cb74366755416683d79e8b56c95da290b0fa2fff59a5db51db3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:0ddbc5f91472e5872912da6131e71df85e87b79ef8ea3d38bb4247f1456d4a00_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-builder-rhel9@sha256:f75e2056244899ae5e2ecab1404663bf554f7451cc521e0d7a75a2f40ecac7a1_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:7dcd3a60624fa4f6c9f591ef8ffc48ba0f5152b7108a6070fa8f680c20168c95_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-dev-tools-rhel9@sha256:a8135ef1879793f311f2661c380bd5fbbedc14a4d195aeaa5a4cb04ad4845f49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:2211c0e7cd573bf30873329c46e91f98ff01fcb7e0753823d4c0517217c31ac3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ansible-devspaces-rhel9@sha256:a6903f68684eb8f5bc688b75e390727b5ed48b864784657e49611966266c9f3f_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:5ffa88952441ddab19ada1bd2603e3614b75d10ef51e38098c2d22d8b358b518_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9-operator@sha256:afca3fb56256dcb7cb04a67fb52bff0160064c65f901a70fa3e97ed30ddaab7a_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:5e1a04dbcddc141f0026ccee871050cf974175b62c3d22b33e5ec3aec54128d3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/controller-rhel9@sha256:ddb59951ccb324d8bd6ae9c6a6093f211bcb08d8cac7c4fb10f191e421aa59d3_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:55ad63ce31700829d0df23692d02cb7796404b122f790f9329f4b742c5f6783e_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-minimal-rhel9@sha256:587ec88d08d4113f07778f81aae6de62c9e9d971b677b1375b547aa7dd1178c8_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:5aa7b2e33b9480f45faf8b4686bfb264838b5c1c62c537c5a2ec7b5a8617ac49_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/de-supported-rhel9@sha256:830fa58a60fbd7f768e236b2052edd1d37fc7cf383a0ccd65483b09fa5b07bd2_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:a18f77ccf6c524f5d0c11d34d6787b22548194b6897abd491de85b00fc1befd3_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9-operator@sha256:b58803576b7a2e119ffe83ceb252d8d402f1611c891c2c6ac7c4e0399acd848f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:daefffce756c8c7918377279ada50a9cc127ab0939ed308c786940d5dc42e0d9_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-rhel9@sha256:dfde61892d055e89b056f7fb8863f3a0961df2bb8890323b8301670fc8afc66b_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:bd7350b62eb0f2de274eafd7dc32e4cf3073bd597e282268ff17777b9fe5d102_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/eda-controller-ui-rhel9@sha256:fe72e508123fdd2795959017e5572689b039d5bdfc675dc45673c5586fceea17_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:abaebe0c1fbc2a013fad8ec411a449705c8a78759b82ddbe661afd99e90dada5_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-minimal-rhel9@sha256:c4f9e3356a2217008bd6f69325ae74d547703f1bcfe39bd74737f30c6914f711_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:017495624b22a5825231dd70443dc9ab359da0df5ea16a5a04e0f4dc915b6e0f_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/ee-supported-rhel9@sha256:fcb7685115cfbf0a10ef87d6bb7a43c251c207a4fd7a31c5908cad85b6ae0e1a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:d15bd832817f039fa3c09d6d74088254b6fae15a5efed7a88279a657b2f23f16_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-proxy-rhel9@sha256:e78dd744714feae5ae944c759759bff17c061c7ed2d3bd1454ba763131ed6ee0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:de3d43a8d9a2cf0d533337e825b078205cc37b01c935a4f68ac152a8a7a7533c_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9-operator@sha256:eca1f9bd16210653a372e34a4f40ca4d6330618a2acba64f6f7c2e8e95026da1_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:a961d06200887f646ed797932c3159634581fe144e5f29f1fef47ddc859eed31_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/gateway-rhel9@sha256:bd28a84fe3b750313749ec80d44cac88c7b06408b0caceea08d303f51c1f559a_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:3312c6acd7a577bd8b3ccda5a65f8505ff76e2acc7a46e7f290a49dfb53cfac4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9-operator@sha256:c738cf5ef020b44a404402ddd660afc3d418a758751f848068bda4bc5bce0e35_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:3a04de6f43c1352f5df5c5a9e19fd8aad23d2921d23dcef8a9f5e121a87fe800_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-rhel9@sha256:cdd7f08ba3846269e6932375c1a7bdb4ed3bfe062ba7bcd5a872def4293150a6_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:adca5f837877df04696709a4826ccae31e2fdc50aa8bc32fabb4ef40cd51f0ef_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/hub-web-rhel9@sha256:fb8342f0f6b8322194bc357c7d9c9d89ef6ca052b88c5618bbf768f555a54b13_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:2fab408777ea512f3cf8ac57d5989fa0017f6352dcead3a320d348a3e2ac1004_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-chatbot-rhel9@sha256:c014148a6140721bb7733d5f30c7adbe3e2cc6f8a7cd6c3a939ab96f8c9420ee_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:121e0bfb87b57655db4a735762a26e23f1b3de7b105cbf09bb300043601c1b43_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9-operator@sha256:6a06579accd268ca5203edab2e46b89166ae6024507cc5b4bed2e126cdef7986_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d02ae0212655f8ef70afc7a0656a2fbc95468228b003f6940d01cf4abeb5325b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/lightspeed-rhel9@sha256:d10f226739a001a0efc0178f19a73fad722dc85484017d13f388f749a374ffea_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:302cf11b0faed78e07e863d4b1e7e31db47590b571239385475d8a4c3cda47dc_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-server-rhel9@sha256:7dbf390d29d295f346662b605448a9748e24b8f541a84f55b6b7c81b87c46025_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:e6c019048612b124e9a2100220d46f242f0fd2302bbe42e674bf84c21a56b733_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/mcp-tools-rhel9@sha256:f07206e7881bd11636bebb95f7ec9a70cc817f07d7b34f792265a5ec91d4432b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:7007f666eadfd7294801e6412e624dbc4bd2288f13ea8820ee55e7552f471831_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9-operator@sha256:d71829d8bd9bfdba7d248e2e2cd5795139382947889b71bb96b27f7d443e1591_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ce4ef5c8af91d2056a034f9559a5d92742b18aea7aeaf03d2bacfa92d67c5b9b_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/metrics-service-rhel9@sha256:ee347c1a7b52e512d6bdd65afda44f0e372abbaf4c1f81750f23fc473becf777_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:3641db944490dd326c814487e1c10d5d9d079ba74f8321930ab277fe44b51705_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-rhel9-operator@sha256:7e6ea2d4253efb0aaabce270c56bf8ef84148592862608f501b639566b9996f0_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:41c9292a512f44347fc348afd6846e7e8832abde31452ee12ec8eca235acdce4_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/platform-resource-runner-rhel9@sha256:f30a9515d678d60e9ac035b876ecdaaa8a4852c87fe55e16bcabf598ad447b14_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:1ad72d1f577d63894eec4278c1b92b6e295cb3c0543b4dd2e93750c2cc83d535_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform-27/receptor-rhel9@sha256:5c5bc6761dbd47effea36014affa352bddd5a18696377967f1f50b75df2741fe_arm64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:32560cdb08b7da9d671f9b035e595971c5bdf865c56eb6825b9a4910add1b9cf_amd64",
"Red Hat Ansible Automation Platform 2.7:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:8ef224281fd23b4203da09336df25550db17b01f025e99b8e9821d4bc3ddedfc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens"
}
]
}
RHSA-2026:26212
Vulnerability from csaf_redhat - Published: 2026-06-16 08:47 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64 | — |
Vendor Fix
fix
|
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-puptoo-rhel9 container image is now generally available in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings. When you install Red Hat Lightspeed in Satellite locally, you can generate Red Hat Lightspeed recommendations without sending system data to Red Hat services. ",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26212",
"url": "https://access.redhat.com/errata/RHSA-2026:26212"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26212.json"
}
],
"title": "Red Hat Security Advisory: General availability of the satellite/iop-puptoo-rhel9 container image",
"tracking": {
"current_release_date": "2026-07-02T05:40:17+00:00",
"generator": {
"date": "2026-07-02T05:40:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26212",
"initial_release_date": "2026-06-16T08:47:12+00:00",
"revision_history": [
{
"date": "2026-06-16T08:47:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T08:47:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64",
"product_id": "registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-puptoo-rhel9@sha256%3Af4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67?arch=amd64\u0026repository_url=registry.redhat.io/satellite/iop-puptoo-rhel9\u0026tag=1779792651"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T08:47:12+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26212"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T08:47:12+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26212"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-puptoo-rhel9@sha256:f4ca1112b4909ceae1121123958c07eae9e869a9ac8a84ffcad8dc937b984c67_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
}
]
}
RHSA-2026:26215
Vulnerability from csaf_redhat - Published: 2026-06-16 08:53 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-yuptoo-rhel9 container image is now generally available in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings. When you install Red Hat Lightspeed in Satellite locally, you can generate Red Hat Lightspeed recommendations without sending system data to Red Hat services. ",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26215",
"url": "https://access.redhat.com/errata/RHSA-2026:26215"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26215.json"
}
],
"title": "Red Hat Security Advisory: General availability of the satellite/iop-yuptoo-rhel9 container image",
"tracking": {
"current_release_date": "2026-07-02T05:40:21+00:00",
"generator": {
"date": "2026-07-02T05:40:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26215",
"initial_release_date": "2026-06-16T08:53:03+00:00",
"revision_history": [
{
"date": "2026-06-16T08:53:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T08:53:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64",
"product_id": "registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-yuptoo-rhel9@sha256%3Aa10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2?arch=amd64\u0026repository_url=registry.redhat.io/satellite/iop-yuptoo-rhel9\u0026tag=1779792968"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T08:53:03+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26215"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-yuptoo-rhel9@sha256:a10aae6084eba65f810db9b409ab9344243e2e39b44138330b72b9f13187d8b2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
}
]
}
RHSA-2026:26221
Vulnerability from csaf_redhat - Published: 2026-06-16 08:58 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-vmaas-rhel9 container image is now available as a technical preview in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26221",
"url": "https://access.redhat.com/errata/RHSA-2026:26221"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26221.json"
}
],
"title": "Red Hat Security Advisory: Technical preview of the satellite/iop-vmaas-rhel9 container image",
"tracking": {
"current_release_date": "2026-07-02T05:40:18+00:00",
"generator": {
"date": "2026-07-02T05:40:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26221",
"initial_release_date": "2026-06-16T08:58:34+00:00",
"revision_history": [
{
"date": "2026-06-16T08:58:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T08:58:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64",
"product_id": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-vmaas-rhel9@sha256%3Aa359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24?arch=amd64\u0026repository_url=registry.redhat.io/satellite/iop-vmaas-rhel9\u0026tag=1780392987"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T08:58:34+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26221"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vmaas-rhel9@sha256:a359d2c6b60827c4709f5f0ada1799bfc890fe5f11d7d8f595df2d121fc6ae24_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
}
]
}
RHSA-2026:26226
Vulnerability from csaf_redhat - Published: 2026-06-16 09:06 - Updated: 2026-07-02 05:40A flaw was found in python-dotenv. A local attacker can exploit this by crafting a symbolic link, which the `set_key()` and `unset_key()` functions in python-dotenv follow when rewriting `.env` files. This can lead to the overwriting of arbitrary files on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64 | — |
Vendor Fix
fix
Workaround
|
A missing verification step has been discovered in PyJWT. PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in Starlette, a lightweight ASGI (Asynchronous Server Gateway Interface) framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP `Host` request header. This malformed header could cause the `request.url` to be incorrectly reconstructed, leading to a discrepancy with the actual requested path. Consequently, security restrictions enforced by middleware and endpoints that rely on `request.url` for validation could be bypassed, potentially allowing unauthorized access or actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-host-inventory-rhel9 container image is now generally available in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings. When you install Red Hat Lightspeed in Satellite locally, you can generate Red Hat Lightspeed recommendations without sending system data to Red Hat services. ",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26226",
"url": "https://access.redhat.com/errata/RHSA-2026:26226"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-28684",
"url": "https://access.redhat.com/security/cve/CVE-2026-28684"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32597",
"url": "https://access.redhat.com/security/cve/CVE-2026-32597"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48710",
"url": "https://access.redhat.com/security/cve/CVE-2026-48710"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26226.json"
}
],
"title": "Red Hat Security Advisory: General availability of the satellite/iop-host-inventory-rhel9 container image",
"tracking": {
"current_release_date": "2026-07-02T05:40:18+00:00",
"generator": {
"date": "2026-07-02T05:40:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26226",
"initial_release_date": "2026-06-16T09:06:21+00:00",
"revision_history": [
{
"date": "2026-06-16T09:06:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T09:06:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64",
"product_id": "registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-host-inventory-rhel9@sha256%3Afe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a?arch=amd64\u0026repository_url=registry.redhat.io/satellite/iop-host-inventory-rhel9\u0026tag=1780414237"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-28684",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-04-20T17:02:18.205732+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2459798"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-dotenv. A local attacker can exploit this by crafting a symbolic link, which the `set_key()` and `unset_key()` functions in python-dotenv follow when rewriting `.env` files. This can lead to the overwriting of arbitrary files on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link following",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-28684"
},
{
"category": "external",
"summary": "RHBZ#2459798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459798"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-28684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-28684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28684"
},
{
"category": "external",
"summary": "https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311",
"url": "https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311"
},
{
"category": "external",
"summary": "https://github.com/theskumar/python-dotenv/releases/tag/v1.2.2",
"url": "https://github.com/theskumar/python-dotenv/releases/tag/v1.2.2"
},
{
"category": "external",
"summary": "https://github.com/theskumar/python-dotenv/security/advisories/GHSA-mf9w-mj56-hr94",
"url": "https://github.com/theskumar/python-dotenv/security/advisories/GHSA-mf9w-mj56-hr94"
}
],
"release_date": "2026-04-20T16:25:12.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:21+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26226"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link following"
},
{
"cve": "CVE-2026-32597",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-12T22:01:29.967713+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447194"
}
],
"notes": [
{
"category": "description",
"text": "A missing verification step has been discovered in PyJWT. PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 \u00a74.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 \u00a74.1.11 MUST violation)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32597"
},
{
"category": "external",
"summary": "RHBZ#2447194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597"
},
{
"category": "external",
"summary": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f",
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f"
}
],
"release_date": "2026-03-12T21:41:50.427000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:21+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26226"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 \u00a74.1.11 MUST violation)"
},
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:21+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26226"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-48710",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-26T23:01:03.204374+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2481742"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Starlette, a lightweight ASGI (Asynchronous Server Gateway Interface) framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP `Host` request header. This malformed header could cause the `request.url` to be incorrectly reconstructed, leading to a discrepancy with the actual requested path. Consequently, security restrictions enforced by middleware and endpoints that rely on `request.url` for validation could be bypassed, potentially allowing unauthorized access or actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette: Security restriction bypass via malformed HTTP Host header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is rated as Critical because path-based authentication and access control middleware can be completely bypassed by an unauthenticated remote attacker using a crafted HTTP Host header.\n\nStarlette reconstructs `request.url` by combining the HTTP Host header value with the request path, but performs no validation on the Host header. An attacker can inject path separators or query characters into the Host header (e.g., `Host: example.com/health?x=`), causing `request.url.path` to return a value that differs from the actual HTTP `request path` used for routing. Middleware that enforces authentication or authorization decisions based on `request.url.path` will evaluate the injected path rather than the real one, allowing the attacker to reach protected endpoints.\n\nWith regard to CVSS metrics, the Attack Vector (AV) is Network and Privileges Required (PR) is None, because the attack requires only the ability to send HTTP requests with a crafted Host header. User interaction is not required.\n\nRed Hat Satellite / Insights (IoP): The starlette package is included as a dependency of Connexion, but this flaw is rated Low impact because these services do not use path-based authentication middleware and all services are deployed behind reverse proxies. \n\nOpenShift Lightspeed (OLS): The starlette package is included as a dependency, but this flaw is rated Low impact because authentication is enforced via Kubernetes TokenReview/SubjectAccessReview through FastAPI dependency injection, not path-based middleware; request.url.path is only used for metrics and response header application.\n\nRHOAI Kubeflow Training images: starlette is being used as indirect dependency of mlflow, but this flaw is rated as Low impact because mlflow is used as client library only to store training metrics on remote server, it doesn\u0027t expose any endpoint.\n\nRHOAI odh-automl: The impact is reduced to Low since starlette is only used in the backend and it\u0027s transient dependency and starlette is not used at all to serve any endpoints.\n\nRHOAI odh-kserve-autogluon-server-rhel9: While the Starlette dependency is present in the build, the vulnerable code in starlette is not reachable. This reduces the impact to low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48710"
},
{
"category": "external",
"summary": "RHBZ#2481742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481742"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48710"
},
{
"category": "external",
"summary": "https://badhost.org",
"url": "https://badhost.org"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/764dab0dcfb9033d75442d7a359645c9f94648c6",
"url": "https://github.com/Kludex/starlette/commit/764dab0dcfb9033d75442d7a359645c9f94648c6"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr"
},
{
"category": "external",
"summary": "https://github.com/pypa/advisory-database/tree/main/vulns/starlette/PYSEC-2026-161.yaml",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/starlette/PYSEC-2026-161.yaml"
},
{
"category": "external",
"summary": "https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette",
"url": "https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette"
},
{
"category": "external",
"summary": "https://www.secwest.net/starlette",
"url": "https://www.secwest.net/starlette"
},
{
"category": "external",
"summary": "https://www.x41-dsec.de/lab/advisories/x41-2026-002-starlette",
"url": "https://www.x41-dsec.de/lab/advisories/x41-2026-002-starlette"
}
],
"release_date": "2026-05-26T21:54:54.393000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:21+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26226"
},
{
"category": "workaround",
"details": "Deploying an RFC-compliant reverse proxy (such as nginx, Apache, HAProxy, or Caddy) in front of the ASGI server will reject malformed Host headers before they reach the application. This is the most straightforward mitigation that does not require code changes.\n\nIf custom middleware is present, it should be updated to use `request.scope[\"path\"]` instead of `request.url.path` for any security decisions. The ASGI scope path is derived from the HTTP request line and is not influenced by the Host header, so it reflects the actual request target.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-host-inventory-rhel9@sha256:fe7bad4091d1e22b940b6f5cda351b4f0e92c0ff6107cf38041c5371ecef817a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "starlette: Starlette: Security restriction bypass via malformed HTTP Host header"
}
]
}
RHSA-2026:26304
Vulnerability from csaf_redhat - Published: 2026-06-16 11:53 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64 | — |
Vendor Fix
fix
|
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-insights-engine-rhel9 container image is now generally available in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings. When you install Red Hat Lightspeed in Satellite locally, you can generate Red Hat Lightspeed recommendations without sending system data to Red Hat services. ",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26304",
"url": "https://access.redhat.com/errata/RHSA-2026:26304"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44431",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44432",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26304.json"
}
],
"title": "Red Hat Security Advisory: General availability of the satellite/iop-insights-engine-rhel9 container image",
"tracking": {
"current_release_date": "2026-07-02T05:40:19+00:00",
"generator": {
"date": "2026-07-02T05:40:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26304",
"initial_release_date": "2026-06-16T11:53:21+00:00",
"revision_history": [
{
"date": "2026-06-16T11:53:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T11:53:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64",
"product_id": "registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-insights-engine-rhel9@sha256%3A0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5?arch=amd64\u0026repository_url=registry.redhat.io/satellite/iop-insights-engine-rhel9\u0026tag=1779711334"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T11:53:21+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26304"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T11:53:21+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26304"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-insights-engine-rhel9@sha256:0c65c4effbb9f1fc050a0cf5df4fd0b94a43aeb4ffe64dc30643ecb5136b52e5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
}
]
}
RHSA-2026:27929
Vulnerability from csaf_redhat - Published: 2026-06-22 14:50 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python3.14-urllib3 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* urllib3: urllib3: Denial of Service due to excessive HTTP response decompression (CVE-2026-44432)\n\n* urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers (CVE-2026-44431)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:27929",
"url": "https://access.redhat.com/errata/RHSA-2026:27929"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "RHEL-184903",
"url": "https://issues.redhat.com/browse/RHEL-184903"
},
{
"category": "external",
"summary": "RHEL-185128",
"url": "https://issues.redhat.com/browse/RHEL-185128"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_27929.json"
}
],
"title": "Red Hat Security Advisory: python3.14-urllib3 security update",
"tracking": {
"current_release_date": "2026-07-02T05:40:19+00:00",
"generator": {
"date": "2026-07-02T05:40:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:27929",
"initial_release_date": "2026-06-22T14:50:02+00:00",
"revision_history": [
{
"date": "2026-06-22T14:50:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T14:50:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"product": {
"name": "python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"product_id": "python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.14-urllib3@2.6.3-2.el10_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.14-urllib3-0:2.6.3-2.el10_2.src",
"product": {
"name": "python3.14-urllib3-0:2.6.3-2.el10_2.src",
"product_id": "python3.14-urllib3-0:2.6.3-2.el10_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.14-urllib3@2.6.3-2.el10_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.14-urllib3-0:2.6.3-2.el10_2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch"
},
"product_reference": "python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"relates_to_product_reference": "AppStream-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.14-urllib3-0:2.6.3-2.el10_2.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
},
"product_reference": "python3.14-urllib3-0:2.6.3-2.el10_2.src",
"relates_to_product_reference": "AppStream-10.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T14:50:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27929"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T14:50:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:27929"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.noarch",
"AppStream-10.2.Z:python3.14-urllib3-0:2.6.3-2.el10_2.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
}
]
}
RHSA-2026:28000
Vulnerability from csaf_redhat - Published: 2026-06-22 16:14 - Updated: 2026-07-02 05:40A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.
A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-urllib3 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* urllib3: urllib3: Denial of Service due to excessive HTTP response decompression (CVE-2026-44432)\n\n* urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers (CVE-2026-44431)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28000",
"url": "https://access.redhat.com/errata/RHSA-2026:28000"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "RHEL-184817",
"url": "https://issues.redhat.com/browse/RHEL-184817"
},
{
"category": "external",
"summary": "RHEL-185121",
"url": "https://issues.redhat.com/browse/RHEL-185121"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28000.json"
}
],
"title": "Red Hat Security Advisory: python-urllib3 security update",
"tracking": {
"current_release_date": "2026-07-02T05:40:20+00:00",
"generator": {
"date": "2026-07-02T05:40:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:28000",
"initial_release_date": "2026-06-22T16:14:02+00:00",
"revision_history": [
{
"date": "2026-06-22T16:14:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T16:14:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T05:40:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-urllib3-0:1.26.19-4.el10_2.src",
"product": {
"name": "python-urllib3-0:1.26.19-4.el10_2.src",
"product_id": "python-urllib3-0:1.26.19-4.el10_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-urllib3@1.26.19-4.el10_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-urllib3-0:1.26.19-4.el10_2.noarch",
"product": {
"name": "python3-urllib3-0:1.26.19-4.el10_2.noarch",
"product_id": "python3-urllib3-0:1.26.19-4.el10_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-urllib3@1.26.19-4.el10_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.19-4.el10_2.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src"
},
"product_reference": "python-urllib3-0:1.26.19-4.el10_2.src",
"relates_to_product_reference": "BaseOS-10.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-0:1.26.19-4.el10_2.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
},
"product_reference": "python3-urllib3-0:1.26.19-4.el10_2.noarch",
"relates_to_product_reference": "BaseOS-10.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44431",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-05-13T17:01:41.663622+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via `ProxyManager.connection_from_url().urlopen()` with `assert_same_host=False`, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src",
"BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44431"
},
{
"category": "external",
"summary": "RHBZ#2477167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
}
],
"release_date": "2026-05-13T15:20:24.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T16:14:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src",
"BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28000"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src",
"BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers"
},
{
"cve": "CVE-2026-44432",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-05-13T17:01:01.083841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response, even if only a partial read was requested, or when draining the connection after a partial decompression. This can lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src",
"BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44432"
},
{
"category": "external",
"summary": "RHBZ#2477154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
}
],
"release_date": "2026-05-13T15:17:12.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T16:14:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src",
"BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28000"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-10.2.Z:python-urllib3-0:1.26.19-4.el10_2.src",
"BaseOS-10.2.Z:python3-urllib3-0:1.26.19-4.el10_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Denial of Service due to excessive HTTP response decompression"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.