Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
RHSA-2026:34160
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2026:34160
Import Source
https://security.access.redhat.com/data/osv/RHSA-2026:34160.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2026:34160
Upstream
CVE-2026-33154
CVE-2026-41240
CVE-2026-42035
CVE-2026-44293
CVE-2026-44431
CVE-2026-44432
CVE-2026-44488
CVE-2026-44495
CVE-2026-48526
CVE-2026-6322
Published
2026-07-02T10:17:34Z
Modified
2026-07-10T10:09:39Z
Severity
8.1 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
Details
References
https://access.redhat.com/errata/RHSA-2026:34160
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.6/whats_new-async_updates
https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.6#Upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=2449774
https://bugzilla.redhat.com/show_bug.cgi?id=2461147
https://bugzilla.redhat.com/show_bug.cgi?id=2461606
https://bugzilla.redhat.com/show_bug.cgi?id=2466684
https://bugzilla.redhat.com/show_bug.cgi?id=2477104
https://bugzilla.redhat.com/show_bug.cgi?id=2477154
https://bugzilla.redhat.com/show_bug.cgi?id=2477167
https://bugzilla.redhat.com/show_bug.cgi?id=2482734
https://bugzilla.redhat.com/show_bug.cgi?id=2487937
https://bugzilla.redhat.com/show_bug.cgi?id=2487949
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34160.json
https://access.redhat.com/security/cve/CVE-2026-6322
https://www.cve.org/CVERecord?id=CVE-2026-6322
https://nvd.nist.gov/vuln/detail/CVE-2026-6322
https://cna.openjsf.org/security-advisories.html
https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc
https://access.redhat.com/security/cve/CVE-2026-33154
https://www.cve.org/CVERecord?id=CVE-2026-33154
https://nvd.nist.gov/vuln/detail/CVE-2026-33154
https://github.com/dynaconf/dynaconf/commit/2fbb45ee36b8c0caa5b924fe19f3c1a5e8603fa7
https://github.com/dynaconf/dynaconf/releases/tag/3.2.13
https://github.com/dynaconf/dynaconf/security/advisories/GHSA-pxrr-hq57-q35p
https://access.redhat.com/security/cve/CVE-2026-41240
https://www.cve.org/CVERecord?id=CVE-2026-41240
https://nvd.nist.gov/vuln/detail/CVE-2026-41240
https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80
https://github.com/cure53/DOMPurify/releases/tag/3.4.0
https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m
https://access.redhat.com/security/cve/CVE-2026-42035
https://www.cve.org/CVERecord?id=CVE-2026-42035
https://nvd.nist.gov/vuln/detail/CVE-2026-42035
https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9
https://access.redhat.com/security/cve/CVE-2026-44293
https://www.cve.org/CVERecord?id=CVE-2026-44293
https://nvd.nist.gov/vuln/detail/CVE-2026-44293
https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-66ff-xgx4-vchm
https://access.redhat.com/security/cve/CVE-2026-44431
https://www.cve.org/CVERecord?id=CVE-2026-44431
https://nvd.nist.gov/vuln/detail/CVE-2026-44431
https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc
https://access.redhat.com/security/cve/CVE-2026-44432
https://www.cve.org/CVERecord?id=CVE-2026-44432
https://nvd.nist.gov/vuln/detail/CVE-2026-44432
https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j
https://access.redhat.com/security/cve/CVE-2026-44488
https://www.cve.org/CVERecord?id=CVE-2026-44488
https://nvd.nist.gov/vuln/detail/CVE-2026-44488
https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf
https://access.redhat.com/security/cve/CVE-2026-44495
https://www.cve.org/CVERecord?id=CVE-2026-44495
https://nvd.nist.gov/vuln/detail/CVE-2026-44495
https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw
https://access.redhat.com/security/cve/CVE-2026-48526
https://www.cve.org/CVERecord?id=CVE-2026-48526
https://nvd.nist.gov/vuln/detail/CVE-2026-48526
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx
Affected packages
Red Hat:ansible_automation_platform:2.6::el9
automation-platform-ui
Package
Name
automation-platform-ui
Purl
pkg:rpm/redhat/automation-platform-ui
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.6.10-1.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
automation-controller
Package
Name
automation-controller
Purl
pkg:rpm/redhat/automation-controller
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
automation-controller-cli
Package
Name
automation-controller-cli
Purl
pkg:rpm/redhat/automation-controller-cli
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
automation-controller-server
Package
Name
automation-controller-server
Purl
pkg:rpm/redhat/automation-controller-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
automation-controller-ui
Package
Name
automation-controller-ui
Purl
pkg:rpm/redhat/automation-controller-ui
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
automation-controller-venv-tower
Package
Name
automation-controller-venv-tower
Purl
pkg:rpm/redhat/automation-controller-venv-tower
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
python3.12-urllib3
Package
Name
python3.12-urllib3
Purl
pkg:rpm/redhat/python3.12-urllib3
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.7.0-1.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
python3.12-pyjwt+crypto
Package
Name
python3.12-pyjwt+crypto
Purl
pkg:rpm/redhat/python3.12-pyjwt%2Bcrypto
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.13.0-1.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
python3.12-pyjwt
Package
Name
python3.12-pyjwt
Purl
pkg:rpm/redhat/python3.12-pyjwt
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.13.0-1.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
Red Hat:ansible_automation_platform_developer:2.6::el9
automation-controller
Package
Name
automation-controller
Purl
pkg:rpm/redhat/automation-controller
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
automation-controller-cli
Package
Name
automation-controller-cli
Purl
pkg:rpm/redhat/automation-controller-cli
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.7.13-2.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
python3.12-urllib3
Package
Name
python3.12-urllib3
Purl
pkg:rpm/redhat/python3.12-urllib3
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.7.0-1.el9ap
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:34160.json"
RHSA-2026:34160 - OSV