RHSA-2024:1640
- Source
- https://access.redhat.com/errata/RHSA-2024:1640
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2024:1640.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2024:1640
- Related
- Published
- 2024-09-30T15:52:23Z
- Modified
- 2024-10-29T21:01:58Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2024:1640
- https://access.redhat.com/security/updates/classification/#moderate
- https://bugzilla.redhat.com/show_bug.cgi?id=2246264
- https://bugzilla.redhat.com/show_bug.cgi?id=2247040
- https://bugzilla.redhat.com/show_bug.cgi?id=2248979
- https://bugzilla.redhat.com/show_bug.cgi?id=2249825
- https://bugzilla.redhat.com/show_bug.cgi?id=2253330
- https://bugzilla.redhat.com/show_bug.cgi?id=2255331
- https://bugzilla.redhat.com/show_bug.cgi?id=2257854
- https://bugzilla.redhat.com/show_bug.cgi?id=2261856
- https://bugzilla.redhat.com/show_bug.cgi?id=2261887
- https://bugzilla.redhat.com/show_bug.cgi?id=2261909
- https://bugzilla.redhat.com/show_bug.cgi?id=2262921
- https://bugzilla.redhat.com/show_bug.cgi?id=2266045
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1640.json
- https://access.redhat.com/security/cve/CVE-2023-39326
- https://www.cve.org/CVERecord?id=CVE-2023-39326
- https://nvd.nist.gov/vuln/detail/CVE-2023-39326
- https://pkg.go.dev/vuln/GO-2023-2382
- https://access.redhat.com/security/cve/CVE-2023-41040
- https://www.cve.org/CVERecord?id=CVE-2023-41040
- https://nvd.nist.gov/vuln/detail/CVE-2023-41040
- https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c
- https://access.redhat.com/security/cve/CVE-2023-45857
- https://www.cve.org/CVERecord?id=CVE-2023-45857
- https://nvd.nist.gov/vuln/detail/CVE-2023-45857
- https://access.redhat.com/security/cve/CVE-2023-46137
- https://www.cve.org/CVERecord?id=CVE-2023-46137
- https://nvd.nist.gov/vuln/detail/CVE-2023-46137
- https://access.redhat.com/security/cve/CVE-2023-47627
- https://www.cve.org/CVERecord?id=CVE-2023-47627
- https://nvd.nist.gov/vuln/detail/CVE-2023-47627
- https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg
- https://access.redhat.com/security/cve/CVE-2023-49083
- https://www.cve.org/CVERecord?id=CVE-2023-49083
- https://nvd.nist.gov/vuln/detail/CVE-2023-49083
- https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a
- https://github.com/pyca/cryptography/pull/9926
- https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97
- https://access.redhat.com/security/cve/CVE-2024-1394
- https://www.cve.org/CVERecord?id=CVE-2024-1394
- https://nvd.nist.gov/vuln/detail/CVE-2024-1394
- https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136
- https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6
- https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f
- https://pkg.go.dev/vuln/GO-2024-2660
- https://vuln.go.dev/ID/GO-2024-2660.json
- https://access.redhat.com/security/cve/CVE-2024-22195
- https://www.cve.org/CVERecord?id=CVE-2024-22195
- https://nvd.nist.gov/vuln/detail/CVE-2024-22195
- https://github.com/pallets/jinja/releases/tag/3.1.3
- https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95
- https://access.redhat.com/security/cve/CVE-2024-23334
- https://www.cve.org/CVERecord?id=CVE-2024-23334
- https://nvd.nist.gov/vuln/detail/CVE-2024-23334
- https://github.com/aio-libs/aiohttp/security/advisories/GHSA-5h86-8mv2-jq9f
- https://access.redhat.com/security/cve/CVE-2024-23829
- https://www.cve.org/CVERecord?id=CVE-2024-23829
- https://nvd.nist.gov/vuln/detail/CVE-2024-23829
- https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8qpw-xqxj-h4r2
- https://access.redhat.com/security/cve/CVE-2024-24680
- https://www.cve.org/CVERecord?id=CVE-2024-24680
- https://nvd.nist.gov/vuln/detail/CVE-2024-24680
- https://github.com/advisories/GHSA-xxj9-f6rv-m3x4
- https://www.djangoproject.com/weblog/2024/feb/06/security-releases/
- https://access.redhat.com/security/cve/CVE-2024-27351
- https://www.cve.org/CVERecord?id=CVE-2024-27351
- https://nvd.nist.gov/vuln/detail/CVE-2024-27351
- https://www.djangoproject.com/weblog/2024/mar/04/security-releases/
Affected packages
Red Hat:ansible_automation_platform_developer:2.4::el8 / receptor
Package
- Name
- receptor
- Purl
- pkg:rpm/redhat/receptor
Red Hat:ansible_automation_platform_developer:2.4::el8 / receptorctl
Package
- Name
- receptorctl
- Purl
- pkg:rpm/redhat/receptorctl
Red Hat:ansible_automation_platform_inside:2.4::el8 / receptor
Package
- Name
- receptor
- Purl
- pkg:rpm/redhat/receptor
Red Hat:ansible_automation_platform_inside:2.4::el8 / receptorctl
Package
- Name
- receptorctl
- Purl
- pkg:rpm/redhat/receptorctl
Red Hat:ansible_automation_platform:2.4::el8 / receptor
Package
- Name
- receptor
- Purl
- pkg:rpm/redhat/receptor
Red Hat:ansible_automation_platform:2.4::el8 / receptorctl
Package
- Name
- receptorctl
- Purl
- pkg:rpm/redhat/receptorctl
Red Hat:ansible_automation_platform_developer:2.4::el9 / receptor
Package
- Name
- receptor
- Purl
- pkg:rpm/redhat/receptor
Red Hat:ansible_automation_platform_developer:2.4::el9 / receptorctl
Package
- Name
- receptorctl
- Purl
- pkg:rpm/redhat/receptorctl
Red Hat:ansible_automation_platform_inside:2.4::el9 / receptor
Package
- Name
- receptor
- Purl
- pkg:rpm/redhat/receptor
Red Hat:ansible_automation_platform_inside:2.4::el9 / receptorctl
Package
- Name
- receptorctl
- Purl
- pkg:rpm/redhat/receptorctl
Red Hat:ansible_automation_platform:2.4::el9 / receptor
Package
- Name
- receptor
- Purl
- pkg:rpm/redhat/receptor
Red Hat:ansible_automation_platform:2.4::el9 / receptorctl
Package
- Name
- receptorctl
- Purl
- pkg:rpm/redhat/receptorctl
Red Hat:ansible_automation_platform:2.4::el8 / automation-controller-venv-tower
Package
- Name
- automation-controller-venv-tower
- Purl
- pkg:rpm/redhat/automation-controller-venv-tower
Red Hat:ansible_automation_platform:2.4::el9 / automation-controller-venv-tower
Package
- Name
- automation-controller-venv-tower
- Purl
- pkg:rpm/redhat/automation-controller-venv-tower
Red Hat:ansible_automation_platform:2.4::el8 / python39-aiohttp
Package
- Name
- python39-aiohttp
- Purl
- pkg:rpm/redhat/python39-aiohttp
Red Hat:ansible_automation_platform:2.4::el8 / python39-aiohttp-debuginfo
Package
- Name
- python39-aiohttp-debuginfo
- Purl
- pkg:rpm/redhat/python39-aiohttp-debuginfo
Red Hat:ansible_automation_platform:2.4::el8 / python3x-aiohttp
Package
- Name
- python3x-aiohttp
- Purl
- pkg:rpm/redhat/python3x-aiohttp
Red Hat:ansible_automation_platform:2.4::el8 / python3x-aiohttp-debugsource
Package
- Name
- python3x-aiohttp-debugsource
- Purl
- pkg:rpm/redhat/python3x-aiohttp-debugsource
Red Hat:ansible_automation_platform:2.4::el9 / python-aiohttp
Package
- Name
- python-aiohttp
- Purl
- pkg:rpm/redhat/python-aiohttp
Red Hat:ansible_automation_platform:2.4::el9 / python-aiohttp-debugsource
Package
- Name
- python-aiohttp-debugsource
- Purl
- pkg:rpm/redhat/python-aiohttp-debugsource
Red Hat:ansible_automation_platform:2.4::el9 / python3-aiohttp
Package
- Name
- python3-aiohttp
- Purl
- pkg:rpm/redhat/python3-aiohttp
Red Hat:ansible_automation_platform:2.4::el9 / python3-aiohttp-debuginfo
Package
- Name
- python3-aiohttp-debuginfo
- Purl
- pkg:rpm/redhat/python3-aiohttp-debuginfo
Red Hat:ansible_automation_platform:2.4::el8 / python39-django
Package
- Name
- python39-django
- Purl
- pkg:rpm/redhat/python39-django
Red Hat:ansible_automation_platform:2.4::el8 / python3x-django
Package
- Name
- python3x-django
- Purl
- pkg:rpm/redhat/python3x-django
Red Hat:ansible_automation_platform:2.4::el9 / python-django
Package
- Name
- python-django
- Purl
- pkg:rpm/redhat/python-django