Vulnerability Database
Blog
FAQ
Docs
RHSA-2024:1640
See a problem?
Source
https://access.redhat.com/errata/RHSA-2024:1640
Import Source
https://security.access.redhat.com/data/osv/RHSA-2024:1640.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2024:1640
Related
CVE-2023-39326
CVE-2023-41040
CVE-2023-45857
CVE-2023-46137
CVE-2023-47627
CVE-2023-49083
CVE-2024-1394
CVE-2024-22195
CVE-2024-23334
CVE-2024-23829
CVE-2024-24680
CVE-2024-27351
GO-2023-2382
GO-2024-2660
Published
2024-09-30T15:52:23Z
Modified
2024-10-29T21:01:58Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Details
References
https://access.redhat.com/errata/RHSA-2024:1640
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2246264
https://bugzilla.redhat.com/show_bug.cgi?id=2247040
https://bugzilla.redhat.com/show_bug.cgi?id=2248979
https://bugzilla.redhat.com/show_bug.cgi?id=2249825
https://bugzilla.redhat.com/show_bug.cgi?id=2253330
https://bugzilla.redhat.com/show_bug.cgi?id=2255331
https://bugzilla.redhat.com/show_bug.cgi?id=2257854
https://bugzilla.redhat.com/show_bug.cgi?id=2261856
https://bugzilla.redhat.com/show_bug.cgi?id=2261887
https://bugzilla.redhat.com/show_bug.cgi?id=2261909
https://bugzilla.redhat.com/show_bug.cgi?id=2262921
https://bugzilla.redhat.com/show_bug.cgi?id=2266045
https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1640.json
https://access.redhat.com/security/cve/CVE-2023-39326
https://www.cve.org/CVERecord?id=CVE-2023-39326
https://nvd.nist.gov/vuln/detail/CVE-2023-39326
https://pkg.go.dev/vuln/GO-2023-2382
https://access.redhat.com/security/cve/CVE-2023-41040
https://www.cve.org/CVERecord?id=CVE-2023-41040
https://nvd.nist.gov/vuln/detail/CVE-2023-41040
https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c
https://access.redhat.com/security/cve/CVE-2023-45857
https://www.cve.org/CVERecord?id=CVE-2023-45857
https://nvd.nist.gov/vuln/detail/CVE-2023-45857
https://access.redhat.com/security/cve/CVE-2023-46137
https://www.cve.org/CVERecord?id=CVE-2023-46137
https://nvd.nist.gov/vuln/detail/CVE-2023-46137
https://access.redhat.com/security/cve/CVE-2023-47627
https://www.cve.org/CVERecord?id=CVE-2023-47627
https://nvd.nist.gov/vuln/detail/CVE-2023-47627
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg
https://access.redhat.com/security/cve/CVE-2023-49083
https://www.cve.org/CVERecord?id=CVE-2023-49083
https://nvd.nist.gov/vuln/detail/CVE-2023-49083
https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a
https://github.com/pyca/cryptography/pull/9926
https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97
https://access.redhat.com/security/cve/CVE-2024-1394
https://www.cve.org/CVERecord?id=CVE-2024-1394
https://nvd.nist.gov/vuln/detail/CVE-2024-1394
https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136
https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6
https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f
https://pkg.go.dev/vuln/GO-2024-2660
https://vuln.go.dev/ID/GO-2024-2660.json
https://access.redhat.com/security/cve/CVE-2024-22195
https://www.cve.org/CVERecord?id=CVE-2024-22195
https://nvd.nist.gov/vuln/detail/CVE-2024-22195
https://github.com/pallets/jinja/releases/tag/3.1.3
https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95
https://access.redhat.com/security/cve/CVE-2024-23334
https://www.cve.org/CVERecord?id=CVE-2024-23334
https://nvd.nist.gov/vuln/detail/CVE-2024-23334
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-5h86-8mv2-jq9f
https://access.redhat.com/security/cve/CVE-2024-23829
https://www.cve.org/CVERecord?id=CVE-2024-23829
https://nvd.nist.gov/vuln/detail/CVE-2024-23829
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8qpw-xqxj-h4r2
https://access.redhat.com/security/cve/CVE-2024-24680
https://www.cve.org/CVERecord?id=CVE-2024-24680
https://nvd.nist.gov/vuln/detail/CVE-2024-24680
https://github.com/advisories/GHSA-xxj9-f6rv-m3x4
https://www.djangoproject.com/weblog/2024/feb/06/security-releases/
https://access.redhat.com/security/cve/CVE-2024-27351
https://www.cve.org/CVERecord?id=CVE-2024-27351
https://nvd.nist.gov/vuln/detail/CVE-2024-27351
https://www.djangoproject.com/weblog/2024/mar/04/security-releases/
Affected packages
Red Hat:ansible_automation_platform_developer:2.4::el8
/
receptor
Package
Name
receptor
Purl
pkg:rpm/redhat/receptor
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el8ap
Red Hat:ansible_automation_platform_developer:2.4::el8
/
receptorctl
Package
Name
receptorctl
Purl
pkg:rpm/redhat/receptorctl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el8ap
Red Hat:ansible_automation_platform_inside:2.4::el8
/
receptor
Package
Name
receptor
Purl
pkg:rpm/redhat/receptor
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el8ap
Red Hat:ansible_automation_platform_inside:2.4::el8
/
receptorctl
Package
Name
receptorctl
Purl
pkg:rpm/redhat/receptorctl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el8ap
Red Hat:ansible_automation_platform:2.4::el8
/
receptor
Package
Name
receptor
Purl
pkg:rpm/redhat/receptor
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el8ap
Red Hat:ansible_automation_platform:2.4::el8
/
receptorctl
Package
Name
receptorctl
Purl
pkg:rpm/redhat/receptorctl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el8ap
Red Hat:ansible_automation_platform_developer:2.4::el9
/
receptor
Package
Name
receptor
Purl
pkg:rpm/redhat/receptor
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el9ap
Red Hat:ansible_automation_platform_developer:2.4::el9
/
receptorctl
Package
Name
receptorctl
Purl
pkg:rpm/redhat/receptorctl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el9ap
Red Hat:ansible_automation_platform_inside:2.4::el9
/
receptor
Package
Name
receptor
Purl
pkg:rpm/redhat/receptor
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el9ap
Red Hat:ansible_automation_platform_inside:2.4::el9
/
receptorctl
Package
Name
receptorctl
Purl
pkg:rpm/redhat/receptorctl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el9ap
Red Hat:ansible_automation_platform:2.4::el9
/
receptor
Package
Name
receptor
Purl
pkg:rpm/redhat/receptor
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el9ap
Red Hat:ansible_automation_platform:2.4::el9
/
receptorctl
Package
Name
receptorctl
Purl
pkg:rpm/redhat/receptorctl
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.4.5-1.el9ap
Red Hat:ansible_automation_platform:2.4::el8
/
automation-controller-venv-tower
Package
Name
automation-controller-venv-tower
Purl
pkg:rpm/redhat/automation-controller-venv-tower
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.5-2.el8ap
Red Hat:ansible_automation_platform:2.4::el9
/
automation-controller-venv-tower
Package
Name
automation-controller-venv-tower
Purl
pkg:rpm/redhat/automation-controller-venv-tower
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.5-2.el9ap
Red Hat:ansible_automation_platform:2.4::el8
/
python39-aiohttp
Package
Name
python39-aiohttp
Purl
pkg:rpm/redhat/python39-aiohttp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el8ap
Red Hat:ansible_automation_platform:2.4::el8
/
python39-aiohttp-debuginfo
Package
Name
python39-aiohttp-debuginfo
Purl
pkg:rpm/redhat/python39-aiohttp-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el8ap
Red Hat:ansible_automation_platform:2.4::el8
/
python3x-aiohttp
Package
Name
python3x-aiohttp
Purl
pkg:rpm/redhat/python3x-aiohttp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el8ap
Red Hat:ansible_automation_platform:2.4::el8
/
python3x-aiohttp-debugsource
Package
Name
python3x-aiohttp-debugsource
Purl
pkg:rpm/redhat/python3x-aiohttp-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el8ap
Red Hat:ansible_automation_platform:2.4::el9
/
python-aiohttp
Package
Name
python-aiohttp
Purl
pkg:rpm/redhat/python-aiohttp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el9ap
Red Hat:ansible_automation_platform:2.4::el9
/
python-aiohttp-debugsource
Package
Name
python-aiohttp-debugsource
Purl
pkg:rpm/redhat/python-aiohttp-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el9ap
Red Hat:ansible_automation_platform:2.4::el9
/
python3-aiohttp
Package
Name
python3-aiohttp
Purl
pkg:rpm/redhat/python3-aiohttp
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el9ap
Red Hat:ansible_automation_platform:2.4::el9
/
python3-aiohttp-debuginfo
Package
Name
python3-aiohttp-debuginfo
Purl
pkg:rpm/redhat/python3-aiohttp-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.3-1.el9ap
Red Hat:ansible_automation_platform:2.4::el8
/
python39-django
Package
Name
python39-django
Purl
pkg:rpm/redhat/python39-django
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.2.11-1.el8ap
Red Hat:ansible_automation_platform:2.4::el8
/
python3x-django
Package
Name
python3x-django
Purl
pkg:rpm/redhat/python3x-django
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.2.11-1.el8ap
Red Hat:ansible_automation_platform:2.4::el9
/
python-django
Package
Name
python-django
Purl
pkg:rpm/redhat/python-django
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.2.11-1.el9ap
Red Hat:ansible_automation_platform:2.4::el9
/
python3-django
Package
Name
python3-django
Purl
pkg:rpm/redhat/python3-django
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.2.11-1.el9ap
RHSA-2024:1640 - OSV