VYPR

aap-gateway

by Red Hat

CVEs (3)

  • CVE-2025-1801HigMar 3, 2025
    risk 0.53cvss 8.1epss 0.00

    A flaw was found in the Ansible aap-gateway. Concurrent requests handled by the gateway grpc service can result in concurrency issues due to race condition requests against the proxy. This issue potentially allows a less privileged user to obtain the JWT of a greater privileged…

  • CVE-2024-10033MedOct 16, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the "?next=" in a URL, which can lead to redirecting, injecting malicious script,…

  • CVE-2025-5988MedAug 4, 2025
    risk 0.34cvss 5.3epss 0.00

    A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is not done on requests from the gateway to external components, such as the controller, hub, and eda.