| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2025-59343 CVE-2025-59682 |
| CWE-ID | CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | python3.11-galaxy-ng, python3.11-django-ansible-base, python3.11-daemon, automation-platform-ui, automation-hub, automation-gateway, automation-eda-controller, automation-controller, ansible-navigator, ansible-builder, ansible-automation-platform-installer, aap-metrics-utility, receptor, python3.11-galaxy-importer, python3.11-django, automation-gateway-proxy (all Red Hat packages; Operating systems & Components / Operating system package or component); Ansible Automation Platform (Server applications / Other server solutions) |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU117332
Risk: High
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-59343
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to a bypass of symlink validation during tarball extraction when the destination directory is predictable. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
Mitigation
Install updates from the vendor's website.
python3.11-galaxy-ng (Red Hat package): before 4.11.2-1.el9ap
python3.11-django-ansible-base (Red Hat package): before 2.6.20251023-1.el9ap
python3.11-daemon (Red Hat package): before 3.1.2-1.el9ap
automation-platform-ui (Red Hat package): before 2.6.2-1.el9ap
automation-hub (Red Hat package): before 4.11.2-1.el9ap
automation-gateway (Red Hat package): before 2.6.20251022-1.el9ap
automation-eda-controller (Red Hat package): before 1.2.1-1.el9ap
automation-controller (Red Hat package): before 4.7.4-1.el9ap
ansible-navigator (Red Hat package): before 25.8.0-2.el9ap
ansible-builder (Red Hat package): before 3.1.0-2.el9ap
ansible-automation-platform-installer (Red Hat package): before 2.6-2.el9ap
aap-metrics-utility (Red Hat package): before 0.6.1-3.el9ap
Ansible Automation Platform: before 2.6
receptor (Red Hat package): before 1.6.0-2.1.el9ap
python3.11-galaxy-importer (Red Hat package): before 0.4.34-1.el9ap
python3.11-django (Red Hat package): before 4.2.25-1.el9ap
automation-gateway-proxy (Red Hat package): before 2.6.6-4.el9ap
CPE2.3
https://access.redhat.com/errata/RHSA-2025:19201
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU116427
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-59682
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to an input validation error when processing directory traversal sequences in the django.utils.archive.extract() function. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
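Both entries in this bulletin describe archive extraction that can write outside its destination: dot-dot sequences passed through django.utils.archive.extract() (CVE-2025-59682) and a symlink check that can be bypassed when the destination directory is predictable (CVE-2025-59343). The Python below is an added example, not code from the bulletin, from Django or from Red Hat. It shows the checks a defender applies when extracting an untrusted tarball: reject absolute and dot-dot member names, reject symlinks and hard links whose target resolves outside the destination, and resolve each member's real on-disk path immediately before writing it, so that a path component that is already a symlink cannot redirect the write. The sample archive and the pre-existing symlink in the destination are constructed inline; `check_member`, `safe_extract`, `build_sample_tar` and `demo` are names chosen for this example.

```python
import io
import os
import tarfile
import tempfile
from pathlib import Path
from typing import List, Optional, Tuple


def _inside(base: str, candidate: str) -> bool:
    """True if candidate resolves (following symlinks already on disk) to base or somewhere below it."""
    base = os.path.realpath(base)
    candidate = os.path.realpath(candidate)
    return candidate == base or candidate.startswith(base + os.sep)


def check_member(dest: str, member: tarfile.TarInfo) -> Optional[str]:
    """Return a rejection reason for this archive member, or None if it is safe to write into dest."""
    name = member.name
    if os.path.isabs(name) or ".." in Path(name).parts:
        return f"member name escapes destination: {name!r}"
    target = os.path.join(dest, name)
    # Resolve against the real filesystem: a parent component that is already a
    # symlink (pre-existing, or planted by an earlier member) would redirect the write.
    if not _inside(dest, target):
        return f"member resolves outside destination: {name!r}"
    if member.issym():
        # A relative symlink target is interpreted from the link's own directory.
        link_target = member.linkname
        if not os.path.isabs(link_target):
            link_target = os.path.join(os.path.dirname(target), link_target)
        if not _inside(dest, link_target):
            return f"symlink {name!r} points outside destination: {member.linkname!r}"
    elif member.islnk():
        # Hard link targets are archive-relative paths.
        if not _inside(dest, os.path.join(dest, member.linkname)):
            return f"hard link {name!r} points outside destination: {member.linkname!r}"
    elif not (member.isfile() or member.isdir()):
        return f"unsupported member type: {name!r}"
    return None


def _extract_kwargs() -> dict:
    # Python 3.12+ (and the 3.8-3.11 security backports) ship tarfile.data_filter;
    # pass it when present as a second, independent line of defence.
    return {"filter": "data"} if hasattr(tarfile, "data_filter") else {}


def safe_extract(data: bytes, dest: str) -> Tuple[List[str], List[str]]:
    """Extract members one at a time, validating each against the destination as it exists right now."""
    extracted: List[str] = []
    rejected: List[str] = []
    os.makedirs(dest, exist_ok=True)
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tar:
        for member in tar:
            reason = check_member(dest, member)
            if reason is not None:
                rejected.append(reason)
                continue
            tar.extract(member, path=dest, set_attrs=False, **_extract_kwargs())
            extracted.append(member.name)
    return extracted, rejected


def build_sample_tar() -> bytes:
    """Constructed sample archive: two benign files and four members that try to leave the destination."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add_file(name: str, payload: bytes = b"x\n") -> None:
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))

        def add_symlink(name: str, linkname: str) -> None:
            info = tarfile.TarInfo(name)
            info.type = tarfile.SYMTYPE
            info.linkname = linkname
            tar.addfile(info)

        add_file("app/config.yml", b"ok: true\n")
        add_file("../outside.txt")            # dot-dot traversal
        add_file("/tmp/absolute.txt")         # absolute member name
        add_symlink("app/escape", "../../")   # symlink whose target leaves the destination
        add_file("cache/payload.txt")         # lexically clean, but "cache" is a symlink on disk (see demo)
        add_file("app/readme.txt")
    return buf.getvalue()


def demo() -> Tuple[List[str], List[str], List[str]]:
    """Run safe_extract in a scratch directory; returns (extracted, rejected, files leaked outside)."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "dest")
        outside = os.path.join(tmp, "outside")
        os.makedirs(dest)
        os.makedirs(outside)
        # Constructed pre-existing symlink inside the destination (stands in for one left by an
        # earlier deployment). Only the real-path check catches "cache/payload.txt" landing in outside.
        os.symlink(outside, os.path.join(dest, "cache"))
        extracted, rejected = safe_extract(build_sample_tar(), dest)
        return extracted, rejected, os.listdir(outside)


if __name__ == "__main__":
    ok, bad, leaked = demo()
    print("extracted:", ok)
    print("rejected:", *bad, sep="\n  ")
    print("leaked outside destination:", leaked)
```

The lexical checks alone would accept `cache/payload.txt`; it is the `os.path.realpath` comparison, run against the destination as it exists at the moment of writing, that rejects it. Extracting member by member (rather than validating the whole member list up front and then calling `extractall`) is what makes that check meaningful, since a symlink created by an earlier member is on disk by the time later members are resolved.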
Mitigation
Install updates from the vendor's website.
python3.11-galaxy-ng (Red Hat package): before 4.11.2-1.el9ap
python3.11-django-ansible-base (Red Hat package): before 2.6.20251023-1.el9ap
python3.11-daemon (Red Hat package): before 3.1.2-1.el9ap
automation-platform-ui (Red Hat package): before 2.6.2-1.el9ap
automation-hub (Red Hat package): before 4.11.2-1.el9ap
automation-gateway (Red Hat package): before 2.6.20251022-1.el9ap
automation-eda-controller (Red Hat package): before 1.2.1-1.el9ap
automation-controller (Red Hat package): before 4.7.4-1.el9ap
ansible-navigator (Red Hat package): before 25.8.0-2.el9ap
ansible-builder (Red Hat package): before 3.1.0-2.el9ap
ansible-automation-platform-installer (Red Hat package): before 2.6-2.el9ap
aap-metrics-utility (Red Hat package): before 0.6.1-3.el9ap
Ansible Automation Platform: before 2.6
receptor (Red Hat package): before 1.6.0-2.1.el9ap
python3.11-galaxy-importer (Red Hat package): before 0.4.34-1.el9ap
python3.11-django (Red Hat package): before 4.2.25-1.el9ap
automation-gateway-proxy (Red Hat package): before 2.6.6-4.el9ap
CPE2.3
https://access.redhat.com/errata/RHSA-2025:19201
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.