{"id":"RHSA-2025:0340","summary":"Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update","modified":"2026-04-02T10:11:58Z","published":"2025-01-16T10:02:24Z","upstream":["CVE-2024-11407","CVE-2024-52304","CVE-2024-53907","CVE-2024-53908","CVE-2024-55565"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:0340"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2327130"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2329003"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2329287"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2329288"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2331063"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0340.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-11407"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-11407"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-11407"},{"type":"ARTICLE","url":"https://github.com/grpc/grpc/commit/e9046b2bbebc0cb7f5dc42008f807f6c7e98e791"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52304"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52304"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52304"},{"type":"ARTICLE","url":"https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71"},{"type":"ARTICLE","url":"https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8495-4g3g-x7pr"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-53907"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-53907"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53907"},{"type":"ARTICLE","url":"https://www.djangoproject.com/weblog/2024/dec/04/security-releases/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-53908"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-53908"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53908"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-55565"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-55565"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-55565"},{"type":"ARTICLE","url":"https://github.com/ai/nanoid/compare/3.3.7...3.3.8"},{"type":"ARTICLE","url":"https://github.com/ai/nanoid/pull/510"},{"type":"ARTICLE","url":"https://github.com/ai/nanoid/releases/tag/5.0.9"}],"affected":[{"package":{"name":"automation-controller-venv-tower","ecosystem":"Red Hat:ansible_automation_platform_developer:2.5::el8","purl":"pkg:rpm/redhat/automation-controller-venv-tower"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.6-1.el8ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"automation-controller-venv-tower","ecosystem":"Red Hat:ansible_automation_platform:2.5::el8","purl":"pkg:rpm/redhat/automation-controller-venv-tower"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.6-1.el8ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"automation-controller-venv-tower","ecosystem":"Red Hat:ansible_automation_platform_developer:2.5::el9","purl":"pkg:rpm/redhat/automation-controller-venv-tower"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.6-1.el9ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"automation-controller-venv-tower","ecosystem":"Red Hat:ansible_automation_platform:2.5::el9","purl":"pkg:rpm/redhat/automation-controller-venv-tower"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.6-1.el9ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"python3.11-aiohttp","ecosystem":"Red Hat:ansible_automation_platform:2.5::el8","purl":"pkg:rpm/redhat/python3.11-aiohttp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.10.11-1.el8ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"python3.11-aiohttp-debuginfo","ecosystem":"Red Hat:ansible_automation_platform:2.5::el8","purl":"pkg:rpm/redhat/python3.11-aiohttp-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.10.11-1.el8ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"python3.11-aiohttp-debugsource","ecosystem":"Red Hat:ansible_automation_platform:2.5::el8","purl":"pkg:rpm/redhat/python3.11-aiohttp-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.10.11-1.el8ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"python3.11-aiohttp","ecosystem":"Red Hat:ansible_automation_platform:2.5::el9","purl":"pkg:rpm/redhat/python3.11-aiohttp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.10.11-1.el9ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"python3.11-aiohttp-debuginfo","ecosystem":"Red Hat:ansible_automation_platform:2.5::el9","purl":"pkg:rpm/redhat/python3.11-aiohttp-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.10.11-1.el9ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"python3.11-aiohttp-debugsource","ecosystem":"Red Hat:ansible_automation_platform:2.5::el9","purl":"pkg:rpm/redhat/python3.11-aiohttp-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.10.11-1.el9ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"automation-gateway-server","ecosystem":"Red Hat:ansible_automation_platform:2.5::el8","purl":"pkg:rpm/redhat/automation-gateway-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.20250115-1.el8ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}},{"package":{"name":"automation-gateway-server","ecosystem":"Red Hat:ansible_automation_platform:2.5::el9","purl":"pkg:rpm/redhat/automation-gateway-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.5.20250115-1.el9ap"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:0340.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}