Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2023:5701
HistoryOct 16, 2023 - 12:58 a.m.

(RHSA-2023:5701) Moderate: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update

2023-10-1600:58:47
access.redhat.com
23
red hat
ansible automation
security update
bug fix
cve
django
automation content
enterprise framework
it automation

0.001 Low

EPSS

Percentile

40.2%

JSON

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

  • ansible-core: malicious role archive can cause ansible-galaxy to overwrite arbitrary files (CVE-2023-5115)
  • automation-controller: Django: Potential denial of service vulnerability in django.utils.encoding.uri_to_iri() (CVE-2023-41164)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional changes:

  • ansible-core has been updated to 2.14.11
  • automation-controller has been updated to 4.3.16
OSVersionArchitecturePackageVersionFilename
RedHat9x86_64automation-controller-server< 4.3.16-1.el9apautomation-controller-server-4.3.16-1.el9ap.x86_64.rpm
RedHat8x86_64automation-controller-server< 4.3.16-1.el8apautomation-controller-server-4.3.16-1.el8ap.x86_64.rpm
RedHat9x86_64ansible-core< 2.14.11-1.el9apansible-core-2.14.11-1.el9ap.x86_64.rpm
RedHat9x86_64automation-controller-venv-tower< 4.3.16-1.el9apautomation-controller-venv-tower-4.3.16-1.el9ap.x86_64.rpm
RedHat9x86_64automation-controller-ui< 4.3.16-1.el9apautomation-controller-ui-4.3.16-1.el9ap.x86_64.rpm
RedHat8x86_64automation-controller-ui< 4.3.16-1.el8apautomation-controller-ui-4.3.16-1.el8ap.x86_64.rpm
RedHat9x86_64ansible-test< 2.14.11-1.el9apansible-test-2.14.11-1.el9ap.x86_64.rpm
RedHat9x86_64automation-controller< 4.3.16-1.el9apautomation-controller-4.3.16-1.el9ap.x86_64.rpm
RedHat8x86_64automation-controller-venv-tower< 4.3.16-1.el8apautomation-controller-venv-tower-4.3.16-1.el8ap.x86_64.rpm
RedHat8x86_64automation-controller< 4.3.16-1.el8apautomation-controller-4.3.16-1.el8ap.x86_64.rpm
Rows per page:
1-10 of 141

Related

nessus 16
redhat 5
debian 2
openvas 14
veracode 3
cvelist 2
osv 9
cve 2
debiancve 2
prion 2
github 2
alpinelinux 1
freebsd 1
redhatcve 2
ubuntu 2
ubuntucve 2
ibm 2
fedora 9
photon 3
nessus
nessus
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5701)
2024-04-28 00:00:00
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5758)
2024-04-28 00:00:00
FreeBSD : Django -- multiple vulnerabilities (8fd4f40a-4b7d-11ee-aa2a-080027de9982)
2023-09-05 00:00:00
redhat
redhat
(RHSA-2023:5758) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-10-16 15:29:02
(RHSA-2023:5208) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-09-18 18:04:43
(RHSA-2023:7222) Moderate: Migration Toolkit for Containers (MTC) 1.8.2 security and bug fix update
2023-11-15 01:24:24
debian
debian
[SECURITY] [DLA 3558-1] python-django security update
2023-09-08 01:00:48
[SECURITY] [DLA 3695-1] ansible security update
2023-12-28 17:44:26
openvas
openvas
Django < 3.2.21, 4.1.x < 4.1.11, 4.2.x < 4.2.5 DoS Vulnerability - Windows
2023-11-06 00:00:00
Debian: Security Advisory (DLA-3558-1)
2023-09-08 00:00:00
Ubuntu: Security Advisory (USN-6378-1)
2023-09-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-09-05 05:18:03
Arbitrary File Overwrite
2023-10-09 13:55:49
Path Traversal
2023-10-16 08:45:08
cvelist
cvelist
CVE-2023-41164
2023-11-03 00:00:00
CVE-2023-5115 Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files
2023-12-18 13:43:07
osv
osv
python-django - security update
2023-09-07 00:00:00
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
2023-11-03 06:36:29
PYSEC-2023-225
2023-11-03 05:15:00
cve
cve
CVE-2023-41164
2023-11-03 05:15:29
CVE-2023-5115
2023-12-18 13:43:07
debiancve
debiancve
CVE-2023-41164
2023-11-03 05:15:29
CVE-2023-5115
2023-12-18 13:43:07
prion
prion
Design/Logic Flaw
2023-11-03 05:15:00
Path traversal
2023-12-18 14:15:00
github
github
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
2023-11-03 06:36:29
Ansible symlink attack vulnerability
2023-12-28 21:30:37
alpinelinux
alpinelinux
CVE-2023-41164
2023-11-03 05:15:29
freebsd
freebsd
Django -- multiple vulnerabilities
2023-09-01 00:00:00
redhatcve
redhatcve
CVE-2023-41164
2023-09-05 15:35:56
CVE-2023-5115
2023-09-21 19:54:54
ubuntu
ubuntu
Django vulnerability
2023-09-18 00:00:00
Django vulnerabilities
2023-10-04 00:00:00
ubuntucve
ubuntucve
CVE-2023-41164
2023-09-04 00:00:00
CVE-2023-5115
2023-12-18 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Ansible - CVE-2023-5115
2024-03-28 11:50:19
Security Bulletin: IBM Planning Analytics Cartridge for IBM Cloud Pak for Data 4.8.1 is affected but not considered vulnerable to multiple vulnerabilities
2023-12-26 21:15:04
fedora
fedora
[SECURITY] Fedora 38 Update: ansible-core-2.14.11-1.fc38
2023-10-21 01:30:04
[SECURITY] Fedora 39 Update: ansible-core-2.16.0~b2-1.fc39
2023-10-13 16:20:35
[SECURITY] Fedora 37 Update: ansible-core-2.14.11-1.fc37
2023-10-21 01:26:17
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0547
2024-01-12 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0184
2024-01-04 00:00:00
Critical Photon OS Security Update - PHSA-2024-3.0-0717
2024-01-25 00:00:00

0.001 Low

EPSS

Percentile

40.2%

JSON
Related for RHSA-2023:5701
nessus16redhat5debian2openvas14veracode3cvelist2osv9cve2debiancve2prion2github2alpinelinux1freebsd1redhatcve2ubuntu2ubuntucve2ibm2fedora9photon3