6 matches found
CVE-2026-12726
A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...
CVE-2026-12726
A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...
CVE-2026-12726 Awx: automation-controller: awx: github webhook second-order ssrf via unvalidated statuses_url exfiltrates pat credential
A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...
CVE-2025-69227 vulnerabilities
Vulnerabilities for packages: gitlab-cng, awx, kubeflow-pipelines-visualization-server, open-webui, request-1276, py3-vllm-cuda-12.4, py3.13-scanner-test-libraries-aiohttp, apache-beam-python-3.11-sdk, authentik, checkov, dask-kubernetes, kserve, airflow, py3-cassandra-medusa...
Ansible AWX WebUI Detection
Binary data ansibleawxdetect.nbin...
Ansible AWX Installed (Linux/UNIX)
Binary data ansibleawxnixinstalled.nbin...