{"id":"RHSA-2025:3490","summary":"Red Hat Security Advisory: Satellite 6.16.4 Async Update","modified":"2026-03-18T11:37:21.468190Z","published":"2025-04-02T10:06:08Z","upstream":["CVE-2025-27407","CVE-2025-27610"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:3490"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_satellite/6.16/html/updating_red_hat_satellite/index"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351231"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2351767"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-30808"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31568"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31569"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31570"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31571"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31572"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31576"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-31577"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3490.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-27407"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-27407"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27407"},{"type":"ARTICLE","url":"https://github.com/github-community-projects/graphql-client"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/28233b16c0eb9d0fb7808f4980e061dc7507c4cd"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/2d2f4ed1f79472f8eed29c864b039649e1de238f"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/5c5a7b9a9bdce143be048074aea50edb7bb747be"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/6eca16b9fa553aa957099a30dbde64ddcdac52ca"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/d0963289e0dab4ea893bbecf12bb7d89294957bb"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/d1117ae0361d9ed67e0795b07f5c3e98e62f3c7c"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/commit/e3b33ace05391da2871c75ab4d3b66e29133b367"},{"type":"ARTICLE","url":"https://github.com/rmosolgo/graphql-ruby/security/advisories/GHSA-q92j-grw3-h492"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-27610"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-27610"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27610"},{"type":"ARTICLE","url":"https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583"},{"type":"ARTICLE","url":"https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v"}],"affected":[{"package":{"name":"rubygem-graphql","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/rubygem-graphql"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13.24-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:3490.json"}},{"package":{"name":"rubygem-graphql","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/rubygem-graphql"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.13.24-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:3490.json"}},{"package":{"name":"rubygem-rack","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/rubygem-rack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.13-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:3490.json"}},{"package":{"name":"rubygem-rack","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/rubygem-rack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.13-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:3490.json"}},{"package":{"name":"rubygem-rack","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/rubygem-rack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.13-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:3490.json"}},{"package":{"name":"rubygem-rack","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/rubygem-rack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.2.13-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:3490.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}