{
  "schema_version": "1.7.0",
  "id": "RHSA-2026:34160",
  "related": [],
  "upstream": [
    "CVE-2026-6322",
    "CVE-2026-33154",
    "CVE-2026-41240",
    "CVE-2026-42035",
    "CVE-2026-44293",
    "CVE-2026-44431",
    "CVE-2026-44432",
    "CVE-2026-44488",
    "CVE-2026-44495",
    "CVE-2026-48526"
  ],
  "published": "2026-07-02T10:17:34Z",
  "modified": "2026-07-10T10:09:39Z",
  "summary": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
    }
  ],
  "affected": [
    {
      "package": {
        "name": "automation-platform-ui",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-platform-ui"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.6.10-1.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller",
        "ecosystem": "Red Hat:ansible_automation_platform_developer:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller-cli",
        "ecosystem": "Red Hat:ansible_automation_platform_developer:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller-cli"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller-cli",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller-cli"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller-server",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller-ui",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller-ui"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "automation-controller-venv-tower",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/automation-controller-venv-tower"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.13-2.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-urllib3",
        "ecosystem": "Red Hat:ansible_automation_platform_developer:2.6::el9",
        "purl": "pkg:rpm/redhat/python3.12-urllib3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.7.0-1.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-urllib3",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/python3.12-urllib3"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.7.0-1.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pyjwt+crypto",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/python3.12-pyjwt%2Bcrypto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.13.0-1.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pyjwt",
        "ecosystem": "Red Hat:ansible_automation_platform:2.6::el9",
        "purl": "pkg:rpm/redhat/python3.12-pyjwt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.13.0-1.el9ap"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:34160"
    },
    {
      "type": "ARTICLE",
      "url": "https://access.redhat.com/security/updates/classification/#important"
    },
    {
      "type": "ARTICLE",
      "url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.6/whats_new-async_updates"
    },
    {
      "type": "ARTICLE",
      "url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.6#Upgrade"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449774"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477104"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477154"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477167"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482734"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
    },
    {
      "type": "ADVISORY",
      "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34160.json"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-6322"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
    },
    {
      "type": "ARTICLE",
      "url": "https://cna.openjsf.org/security-advisories.html"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-33154"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33154"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33154"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/dynaconf/dynaconf/commit/2fbb45ee36b8c0caa5b924fe19f3c1a5e8603fa7"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/dynaconf/dynaconf/releases/tag/3.2.13"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/dynaconf/dynaconf/security/advisories/GHSA-pxrr-hq57-q35p"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-41240"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42035"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-44293"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-44293"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44293"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-66ff-xgx4-vchm"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-44431"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-44431"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-44432"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-44432"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44432"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-44488"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-44495"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-48526"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-48526"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx"
    }
  ]
}