Detections
Analytics
RHEL 9 : Satellite 6.17.0 (Important) (RHSA-2025:4576)
medium Nessus Plugin ID 235426
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4576 advisory.Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Security Fix(es):
* python-django: Potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)
* python-jinja2: Sandbox breakout through indirect reference to format method (CVE-2024-56326)
* rubygem-rack: Local File Inclusion in Rack::Static (CVE-2025-27610)
* rubygem-graphql: Remote code execution when loading a crafted GraphQL schema (CVE-2025-27407)
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://access.redhat.com/security/updates/classification/#important
https://issues.redhat.com/browse/SAT-12130
https://issues.redhat.com/browse/SAT-16243
https://issues.redhat.com/browse/SAT-16248
https://issues.redhat.com/browse/SAT-16392
https://issues.redhat.com/browse/SAT-17448
https://issues.redhat.com/browse/SAT-17783
https://issues.redhat.com/browse/SAT-19325
https://issues.redhat.com/browse/SAT-19336
https://issues.redhat.com/browse/SAT-19505
https://issues.redhat.com/browse/SAT-19515
https://issues.redhat.com/browse/SAT-19781
https://issues.redhat.com/browse/SAT-19933
https://issues.redhat.com/browse/SAT-20010
https://issues.redhat.com/browse/SAT-20579
https://issues.redhat.com/browse/SAT-20586
https://issues.redhat.com/browse/SAT-21359
https://issues.redhat.com/browse/SAT-22510
https://issues.redhat.com/browse/SAT-22966
https://issues.redhat.com/browse/SAT-23114
https://issues.redhat.com/browse/SAT-23229
https://issues.redhat.com/browse/SAT-2340
https://issues.redhat.com/browse/SAT-23647
https://issues.redhat.com/browse/SAT-24108
https://issues.redhat.com/browse/SAT-24282
https://issues.redhat.com/browse/SAT-24725
https://issues.redhat.com/browse/SAT-24795
https://issues.redhat.com/browse/SAT-25448
https://issues.redhat.com/browse/SAT-25464
https://issues.redhat.com/browse/SAT-2549
https://issues.redhat.com/browse/SAT-25949
https://issues.redhat.com/browse/SAT-26058
https://issues.redhat.com/browse/SAT-26076
https://issues.redhat.com/browse/SAT-26522
https://issues.redhat.com/browse/SAT-26537
https://issues.redhat.com/browse/SAT-26605
https://issues.redhat.com/browse/SAT-26741
https://issues.redhat.com/browse/SAT-26866
https://issues.redhat.com/browse/SAT-27070
https://issues.redhat.com/browse/SAT-27153
https://issues.redhat.com/browse/SAT-27221
https://issues.redhat.com/browse/SAT-27308
https://issues.redhat.com/browse/SAT-27349
https://issues.redhat.com/browse/SAT-27369
https://issues.redhat.com/browse/SAT-27374
https://issues.redhat.com/browse/SAT-27388
https://issues.redhat.com/browse/SAT-27418
https://issues.redhat.com/browse/SAT-27420
https://issues.redhat.com/browse/SAT-27427
https://issues.redhat.com/browse/SAT-27554
https://issues.redhat.com/browse/SAT-27620
https://issues.redhat.com/browse/SAT-27627
https://issues.redhat.com/browse/SAT-27675
https://issues.redhat.com/browse/SAT-27703
https://issues.redhat.com/browse/SAT-27717
https://issues.redhat.com/browse/SAT-27756
https://issues.redhat.com/browse/SAT-27847
https://issues.redhat.com/browse/SAT-27863
https://issues.redhat.com/browse/SAT-27874
https://issues.redhat.com/browse/SAT-27875
https://issues.redhat.com/browse/SAT-27924
https://issues.redhat.com/browse/SAT-27939
https://issues.redhat.com/browse/SAT-27979
https://issues.redhat.com/browse/SAT-28029
https://issues.redhat.com/browse/SAT-28060
https://issues.redhat.com/browse/SAT-28185
https://issues.redhat.com/browse/SAT-28216
https://issues.redhat.com/browse/SAT-28293
https://issues.redhat.com/browse/SAT-28311
https://issues.redhat.com/browse/SAT-28312
https://issues.redhat.com/browse/SAT-28337
https://issues.redhat.com/browse/SAT-28338
https://issues.redhat.com/browse/SAT-28356
https://issues.redhat.com/browse/SAT-28443
https://issues.redhat.com/browse/SAT-28464
https://issues.redhat.com/browse/SAT-28471
https://issues.redhat.com/browse/SAT-28472
https://issues.redhat.com/browse/SAT-28486
https://issues.redhat.com/browse/SAT-28493
https://issues.redhat.com/browse/SAT-28526
https://issues.redhat.com/browse/SAT-28538
https://issues.redhat.com/browse/SAT-28552
https://issues.redhat.com/browse/SAT-28553
https://issues.redhat.com/browse/SAT-28556
https://issues.redhat.com/browse/SAT-28575
https://issues.redhat.com/browse/SAT-28613
https://issues.redhat.com/browse/SAT-28662
https://issues.redhat.com/browse/SAT-28735
https://issues.redhat.com/browse/SAT-28743
https://issues.redhat.com/browse/SAT-28756
https://issues.redhat.com/browse/SAT-28818
https://issues.redhat.com/browse/SAT-28823
https://issues.redhat.com/browse/SAT-28826
https://issues.redhat.com/browse/SAT-28856
https://issues.redhat.com/browse/SAT-28894
https://issues.redhat.com/browse/SAT-28981
https://issues.redhat.com/browse/SAT-28994
https://issues.redhat.com/browse/SAT-29017
https://issues.redhat.com/browse/SAT-29058
https://issues.redhat.com/browse/SAT-29062
https://issues.redhat.com/browse/SAT-29068
https://issues.redhat.com/browse/SAT-29070
https://issues.redhat.com/browse/SAT-29090
https://issues.redhat.com/browse/SAT-29203
https://issues.redhat.com/browse/SAT-29209
https://issues.redhat.com/browse/SAT-29212
https://issues.redhat.com/browse/SAT-29214
https://issues.redhat.com/browse/SAT-29314
https://issues.redhat.com/browse/SAT-29322
https://issues.redhat.com/browse/SAT-29332
https://issues.redhat.com/browse/SAT-29345
https://issues.redhat.com/browse/SAT-29347
https://issues.redhat.com/browse/SAT-29454
https://issues.redhat.com/browse/SAT-29469
https://issues.redhat.com/browse/SAT-29567
https://issues.redhat.com/browse/SAT-29596
https://issues.redhat.com/browse/SAT-29622
https://issues.redhat.com/browse/SAT-29623
https://issues.redhat.com/browse/SAT-29667
https://issues.redhat.com/browse/SAT-29670
https://issues.redhat.com/browse/SAT-29675
https://issues.redhat.com/browse/SAT-29679
https://issues.redhat.com/browse/SAT-29794
https://issues.redhat.com/browse/SAT-29863
https://issues.redhat.com/browse/SAT-29939
https://issues.redhat.com/browse/SAT-29945
https://issues.redhat.com/browse/SAT-29950
https://issues.redhat.com/browse/SAT-29957
https://issues.redhat.com/browse/SAT-30004
https://issues.redhat.com/browse/SAT-30014
https://issues.redhat.com/browse/SAT-30043
https://issues.redhat.com/browse/SAT-30070
https://issues.redhat.com/browse/SAT-30098
https://issues.redhat.com/browse/SAT-30102
https://issues.redhat.com/browse/SAT-30106
https://issues.redhat.com/browse/SAT-30108
https://issues.redhat.com/browse/SAT-30112
https://issues.redhat.com/browse/SAT-30118
https://issues.redhat.com/browse/SAT-30138
https://issues.redhat.com/browse/SAT-30141
https://issues.redhat.com/browse/SAT-30152
https://issues.redhat.com/browse/SAT-30154
https://issues.redhat.com/browse/SAT-30167
https://issues.redhat.com/browse/SAT-30172
https://issues.redhat.com/browse/SAT-30176
https://issues.redhat.com/browse/SAT-30186
https://issues.redhat.com/browse/SAT-30188
https://issues.redhat.com/browse/SAT-30209
https://issues.redhat.com/browse/SAT-30220
https://issues.redhat.com/browse/SAT-30227
https://issues.redhat.com/browse/SAT-30228
https://issues.redhat.com/browse/SAT-30314
https://issues.redhat.com/browse/SAT-30342
https://issues.redhat.com/browse/SAT-30374
https://issues.redhat.com/browse/SAT-30378
https://issues.redhat.com/browse/SAT-30403
https://issues.redhat.com/browse/SAT-30443
https://issues.redhat.com/browse/SAT-30464
https://issues.redhat.com/browse/SAT-30491
https://issues.redhat.com/browse/SAT-30541
https://issues.redhat.com/browse/SAT-30543
https://issues.redhat.com/browse/SAT-30544
https://issues.redhat.com/browse/SAT-30577
https://issues.redhat.com/browse/SAT-30611
https://issues.redhat.com/browse/SAT-30614
https://issues.redhat.com/browse/SAT-30625
https://issues.redhat.com/browse/SAT-30636
https://issues.redhat.com/browse/SAT-30637
https://issues.redhat.com/browse/SAT-30669
https://issues.redhat.com/browse/SAT-30686
https://issues.redhat.com/browse/SAT-30715
https://issues.redhat.com/browse/SAT-30717
https://issues.redhat.com/browse/SAT-30726
https://issues.redhat.com/browse/SAT-30761
https://issues.redhat.com/browse/SAT-30767
https://issues.redhat.com/browse/SAT-30785
https://issues.redhat.com/browse/SAT-30790
https://issues.redhat.com/browse/SAT-30815
https://issues.redhat.com/browse/SAT-30841
https://issues.redhat.com/browse/SAT-30846
https://issues.redhat.com/browse/SAT-30869
https://issues.redhat.com/browse/SAT-30916
https://issues.redhat.com/browse/SAT-30961
https://issues.redhat.com/browse/SAT-30962
https://issues.redhat.com/browse/SAT-30967
https://issues.redhat.com/browse/SAT-30970
https://issues.redhat.com/browse/SAT-31040
https://issues.redhat.com/browse/SAT-31105
https://issues.redhat.com/browse/SAT-31111
https://issues.redhat.com/browse/SAT-31157
https://issues.redhat.com/browse/SAT-31160
https://issues.redhat.com/browse/SAT-31193
https://issues.redhat.com/browse/SAT-31196
https://issues.redhat.com/browse/SAT-31203
https://issues.redhat.com/browse/SAT-31220
https://issues.redhat.com/browse/SAT-31241
https://issues.redhat.com/browse/SAT-31308
https://issues.redhat.com/browse/SAT-31315
https://issues.redhat.com/browse/SAT-31316
https://issues.redhat.com/browse/SAT-31338
https://issues.redhat.com/browse/SAT-31351
https://issues.redhat.com/browse/SAT-31398
https://issues.redhat.com/browse/SAT-31451
https://issues.redhat.com/browse/SAT-31475
https://issues.redhat.com/browse/SAT-31479
https://issues.redhat.com/browse/SAT-31502
https://issues.redhat.com/browse/SAT-31526
https://issues.redhat.com/browse/SAT-31588
https://issues.redhat.com/browse/SAT-31602
https://issues.redhat.com/browse/SAT-31645
https://issues.redhat.com/browse/SAT-31813
https://issues.redhat.com/browse/SAT-31814
https://issues.redhat.com/browse/SAT-32426
https://issues.redhat.com/browse/SAT-32447
https://issues.redhat.com/browse/SAT-32467
https://issues.redhat.com/browse/SAT-32604
https://issues.redhat.com/browse/SAT-32605
https://issues.redhat.com/browse/SAT-5118
https://issues.redhat.com/browse/SAT-6776
Plugin Details
Severity: Medium
ID: 235426
File Name: redhat-RHSA-2025-4576.nasl
Version: 1.1
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 5/7/2025
Updated: 5/7/2025
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.2
Vendor
Vendor Severity: Important
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
CVSS Score Source: CVE-2025-27610
CVSS v3
Risk Factor: Critical
Base Score: 9
Temporal Score: 7.8
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2025-27407
CVSS v4
Risk Factor: Medium
Base Score: 5.4
Threat Score: 2
Threat Vector: CVSS:4.0/E:U
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score Source: CVE-2024-56326
Vulnerability Information
CPE: cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:python3.11-django, p-cpe:/a:redhat:enterprise_linux:python-django, p-cpe:/a:redhat:enterprise_linux:python3.11-jinja2, p-cpe:/a:redhat:enterprise_linux:rubygem-graphql, p-cpe:/a:redhat:enterprise_linux:python-jinja2, p-cpe:/a:redhat:enterprise_linux:rubygem-rack
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 5/6/2025
Vulnerability Publication Date: 12/23/2024
Reference Information
CVE: CVE-2024-56326, CVE-2024-56374, CVE-2025-27407, CVE-2025-27610