Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/automation-controller@4.5.13-1?arch=el9ap
Typerpm
Namespaceredhat
Nameautomation-controller
Version4.5.13-1
Qualifiers
arch el9ap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-gmsu-xfke-47bg
vulnerability_id VCID-gmsu-xfke-47bg
summary 
DOMPurify allows tampering by prototype pollution
It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check.

This renders dompurify unable to avoid XSS attack.

Fixed by https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21 (3.x branch) and https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc (2.x branch).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45801.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45801.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45801
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21643
published_at 2026-04-21T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21673
published_at 2026-04-18T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21667
published_at 2026-04-16T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21668
published_at 2026-04-13T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21724
published_at 2026-04-12T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21764
published_at 2026-04-11T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21753
published_at 2026-04-09T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21696
published_at 2026-04-08T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.2162
published_at 2026-04-07T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21868
published_at 2026-04-04T12:55:00Z
10
value 0.00071
scoring_system epss
scoring_elements 0.21815
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45801
2
reference_url https://github.com/cure53/DOMPurify
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/cure53/DOMPurify
3
reference_url https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T20:04:30Z/
url https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21
4
reference_url https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T20:04:30Z/
url https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc
5
reference_url https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T20:04:30Z/
url https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45801
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
1
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45801
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2312631
reference_id 2312631
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2312631
8
reference_url https://github.com/advisories/GHSA-mmhx-hmjr-r674
reference_id GHSA-mmhx-hmjr-r674
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mmhx-hmjr-r674
9
reference_url https://access.redhat.com/errata/RHSA-2024:11381
reference_id RHSA-2024:11381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11381
10
reference_url https://access.redhat.com/errata/RHSA-2024:7324
reference_id RHSA-2024:7324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7324
11
reference_url https://access.redhat.com/errata/RHSA-2024:7706
reference_id RHSA-2024:7706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7706
12
reference_url https://access.redhat.com/errata/RHSA-2024:8014
reference_id RHSA-2024:8014
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8014
13
reference_url https://access.redhat.com/errata/RHSA-2025:0892
reference_id RHSA-2025:0892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0892
14
reference_url https://access.redhat.com/errata/RHSA-2025:4019
reference_id RHSA-2025:4019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4019
fixed_packages
aliases CVE-2024-45801, GHSA-mmhx-hmjr-r674
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gmsu-xfke-47bg
1
url VCID-r95c-k4nq-jbd1
vulnerability_id VCID-r95c-k4nq-jbd1
summary 
path-to-regexp outputs backtracking regular expressions
### Impact

A bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (`.`). For example, `/:a-:b`.

### Patches

For users of 0.1, upgrade to `0.1.10`. All other users should upgrade to `8.0.0`.

These versions add backtrack protection when a custom regex pattern is not provided:

- [0.1.10](https://github.com/pillarjs/path-to-regexp/releases/tag/v0.1.10)
- [1.9.0](https://github.com/pillarjs/path-to-regexp/releases/tag/v1.9.0)
- [3.3.0](https://github.com/pillarjs/path-to-regexp/releases/tag/v3.3.0)
- [6.3.0](https://github.com/pillarjs/path-to-regexp/releases/tag/v6.3.0)

They do not protect against vulnerable user supplied capture groups. Protecting against explicit user patterns is out of scope for old versions and not considered a vulnerability.

Version [7.1.0](https://github.com/pillarjs/path-to-regexp/releases/tag/v7.1.0) can enable `strict: true` and get an error when the regular expression might be bad.

Version [8.0.0](https://github.com/pillarjs/path-to-regexp/releases/tag/v8.0.0) removes the features that can cause a ReDoS.

### Workarounds

All versions can be patched by providing a custom regular expression for parameters after the first in a single segment. As long as the custom regular expression does not match the text before the parameter, you will be safe. For example, change `/:a-:b` to `/:a-:b([^-/]+)`.

If paths cannot be rewritten and versions cannot be upgraded, another alternative is to limit the URL length. For example, halving the attack string improves performance by 4x faster.

### Details

Using `/:a-:b` will produce the regular expression `/^\/([^\/]+?)-([^\/]+?)\/?$/`. This can be exploited by a path such as `/a${'-a'.repeat(8_000)}/a`. [OWASP](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS) has a good example of why this occurs, but the TL;DR is the `/a` at the end ensures this route would never match but due to naive backtracking it will still attempt every combination of the `:a-:b` on the repeated 8,000 `-a`.

Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and can lead to a DoS. In local benchmarks, exploiting the unsafe regex will result in performance that is over 1000x worse than the safe regex. In a more realistic environment using Express v4 and 10 concurrent connections, this translated to average latency of ~600ms vs 1ms.

### References

* [OWASP](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
* [Detailed blog post](https://blakeembrey.com/posts/2024-09-web-redos/)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45296.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45296.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45296
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.19885
published_at 2026-04-21T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.19888
published_at 2026-04-18T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.19883
published_at 2026-04-16T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.19905
published_at 2026-04-13T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19964
published_at 2026-04-12T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.20069
published_at 2026-04-02T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.20127
published_at 2026-04-04T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.19855
published_at 2026-04-07T12:55:00Z
8
value 0.00064
scoring_system epss
scoring_elements 0.19934
published_at 2026-04-08T12:55:00Z
9
value 0.00064
scoring_system epss
scoring_elements 0.20008
published_at 2026-04-11T12:55:00Z
10
value 0.00064
scoring_system epss
scoring_elements 0.19989
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45296
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45296
3
reference_url https://github.com/pillarjs/path-to-regexp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp
4
reference_url https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:32:57Z/
url https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f
5
reference_url https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:32:57Z/
url https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6
6
reference_url https://github.com/pillarjs/path-to-regexp/commit/925ac8e3c5780b02f58cbd4e52f95da8ad2ac485
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp/commit/925ac8e3c5780b02f58cbd4e52f95da8ad2ac485
7
reference_url https://github.com/pillarjs/path-to-regexp/commit/d31670ae8f6e69cbfd56e835742195b7d10942ef
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp/commit/d31670ae8f6e69cbfd56e835742195b7d10942ef
8
reference_url https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894
9
reference_url https://github.com/pillarjs/path-to-regexp/releases/tag/v6.3.0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pillarjs/path-to-regexp/releases/tag/v6.3.0
10
reference_url https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-09T19:32:57Z/
url https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45296
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45296
12
reference_url https://security.netapp.com/advisory/ntap-20250124-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250124-0001
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081656
reference_id 1081656
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081656
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2310908
reference_id 2310908
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2310908
15
reference_url https://access.redhat.com/errata/RHSA-2024:10236
reference_id RHSA-2024:10236
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10236
16
reference_url https://access.redhat.com/errata/RHSA-2024:10857
reference_id RHSA-2024:10857
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10857
17
reference_url https://access.redhat.com/errata/RHSA-2024:10865
reference_id RHSA-2024:10865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10865
18
reference_url https://access.redhat.com/errata/RHSA-2024:10906
reference_id RHSA-2024:10906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10906
19
reference_url https://access.redhat.com/errata/RHSA-2024:10917
reference_id RHSA-2024:10917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10917
20
reference_url https://access.redhat.com/errata/RHSA-2024:10962
reference_id RHSA-2024:10962
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10962
21
reference_url https://access.redhat.com/errata/RHSA-2024:11293
reference_id RHSA-2024:11293
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11293
22
reference_url https://access.redhat.com/errata/RHSA-2024:11381
reference_id RHSA-2024:11381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11381
23
reference_url https://access.redhat.com/errata/RHSA-2024:7324
reference_id RHSA-2024:7324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7324
24
reference_url https://access.redhat.com/errata/RHSA-2024:7599
reference_id RHSA-2024:7599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7599
25
reference_url https://access.redhat.com/errata/RHSA-2024:7726
reference_id RHSA-2024:7726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7726
26
reference_url https://access.redhat.com/errata/RHSA-2024:8014
reference_id RHSA-2024:8014
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8014
27
reference_url https://access.redhat.com/errata/RHSA-2024:8581
reference_id RHSA-2024:8581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8581
28
reference_url https://access.redhat.com/errata/RHSA-2024:8676
reference_id RHSA-2024:8676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8676
29
reference_url https://access.redhat.com/errata/RHSA-2024:9884
reference_id RHSA-2024:9884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9884
30
reference_url https://access.redhat.com/errata/RHSA-2024:9885
reference_id RHSA-2024:9885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9885
31
reference_url https://access.redhat.com/errata/RHSA-2025:0082
reference_id RHSA-2025:0082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0082
32
reference_url https://access.redhat.com/errata/RHSA-2025:0164
reference_id RHSA-2025:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0164
33
reference_url https://access.redhat.com/errata/RHSA-2025:0323
reference_id RHSA-2025:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0323
34
reference_url https://access.redhat.com/errata/RHSA-2025:0664
reference_id RHSA-2025:0664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0664
35
reference_url https://access.redhat.com/errata/RHSA-2025:0875
reference_id RHSA-2025:0875
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0875
36
reference_url https://access.redhat.com/errata/RHSA-2025:3368
reference_id RHSA-2025:3368
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3368
37
reference_url https://access.redhat.com/errata/RHSA-2025:3397
reference_id RHSA-2025:3397
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3397
fixed_packages
aliases CVE-2024-45296, GHSA-9wv6-86v2-598j
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r95c-k4nq-jbd1
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/automation-controller@4.5.13-1%3Farch=el9ap