5 matches found
CVE-2026-12726
A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...
CVE-2026-12726 Awx: automation-controller: awx: github webhook second-order ssrf via unvalidated statuses_url exfiltrates pat credential
A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...
CVE-2025-69227 vulnerabilities
Vulnerabilities for packages: request-1276, open-webui, checkov, authentik, py3-vllm-cuda-12.4, kubeflow-pipelines-visualization-server, apache-beam-python-3.11-sdk, awx, py3.13-scanner-test-libraries-aiohttp, gitlab-cng, dask-kubernetes, py3-cassandra-medusa, kserve, airflow...
Ansible AWX WebUI Detection
Binary data ansibleawxdetect.nbin...
Ansible AWX Installed (Linux/UNIX)
Binary data ansibleawxnixinstalled.nbin...