RHSA-2025:1335
- Source
- https://access.redhat.com/errata/RHSA-2025:1335
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2025:1335.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2025:1335
- Related
- Published
- 2025-02-12T10:04:17Z
- Modified
- 2025-02-20T10:02:41Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: RHUI 4.11 security, bugfix, and enhancement update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2025:1335
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/4/html/release_notes/index
- https://bugzilla.redhat.com/show_bug.cgi?id=2269617
- https://bugzilla.redhat.com/show_bug.cgi?id=2275280
- https://bugzilla.redhat.com/show_bug.cgi?id=2275989
- https://bugzilla.redhat.com/show_bug.cgi?id=2278038
- https://bugzilla.redhat.com/show_bug.cgi?id=2278710
- https://bugzilla.redhat.com/show_bug.cgi?id=2279476
- https://bugzilla.redhat.com/show_bug.cgi?id=2282114
- https://bugzilla.redhat.com/show_bug.cgi?id=2295938
- https://bugzilla.redhat.com/show_bug.cgi?id=2302433
- https://bugzilla.redhat.com/show_bug.cgi?id=2302434
- https://bugzilla.redhat.com/show_bug.cgi?id=2302435
- https://bugzilla.redhat.com/show_bug.cgi?id=2302436
- https://issues.redhat.com/browse/RHUI-429
- https://issues.redhat.com/browse/RHUI-577
- https://issues.redhat.com/browse/RHUI-617
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1335.json
- https://access.redhat.com/security/cve/CVE-2024-1135
- https://www.cve.org/CVERecord?id=CVE-2024-1135
- https://nvd.nist.gov/vuln/detail/CVE-2024-1135
- https://github.com/advisories/GHSA-w3h3-4rj7-4ph4
- https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d
- https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1
- https://access.redhat.com/security/cve/CVE-2024-4340
- https://www.cve.org/CVERecord?id=CVE-2024-4340
- https://nvd.nist.gov/vuln/detail/CVE-2024-4340
- https://github.com/advisories/GHSA-2m57-hf25-phgg
- https://access.redhat.com/security/cve/CVE-2024-7246
- https://bugzilla.redhat.com/show_bug.cgi?id=2303104
- https://www.cve.org/CVERecord?id=CVE-2024-7246
- https://nvd.nist.gov/vuln/detail/CVE-2024-7246
- https://github.com/grpc/grpc/issues/36245
- https://access.redhat.com/security/cve/CVE-2024-26130
- https://www.cve.org/CVERecord?id=CVE-2024-26130
- https://nvd.nist.gov/vuln/detail/CVE-2024-26130
- https://access.redhat.com/security/cve/CVE-2024-27306
- https://www.cve.org/CVERecord?id=CVE-2024-27306
- https://nvd.nist.gov/vuln/detail/CVE-2024-27306
- https://access.redhat.com/security/cve/CVE-2024-30251
- https://www.cve.org/CVERecord?id=CVE-2024-30251
- https://nvd.nist.gov/vuln/detail/CVE-2024-30251
- https://github.com/aio-libs/aiohttp/security/advisories/GHSA-5m98-qgg9-wh84
- https://www.openwall.com/lists/oss-security/2024/05/02/4
- https://access.redhat.com/security/cve/CVE-2024-34064
- https://www.cve.org/CVERecord?id=CVE-2024-34064
- https://nvd.nist.gov/vuln/detail/CVE-2024-34064
- https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj
- https://access.redhat.com/security/cve/CVE-2024-35195
- https://www.cve.org/CVERecord?id=CVE-2024-35195
- https://nvd.nist.gov/vuln/detail/CVE-2024-35195
- https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56
- https://access.redhat.com/security/cve/CVE-2024-39614
- https://www.cve.org/CVERecord?id=CVE-2024-39614
- https://nvd.nist.gov/vuln/detail/CVE-2024-39614
- https://access.redhat.com/security/cve/CVE-2024-41989
- https://www.cve.org/CVERecord?id=CVE-2024-41989
- https://nvd.nist.gov/vuln/detail/CVE-2024-41989
- https://access.redhat.com/security/cve/CVE-2024-41990
- https://www.cve.org/CVERecord?id=CVE-2024-41990
- https://nvd.nist.gov/vuln/detail/CVE-2024-41990
- https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
- https://access.redhat.com/security/cve/CVE-2024-41991
- https://www.cve.org/CVERecord?id=CVE-2024-41991
- https://nvd.nist.gov/vuln/detail/CVE-2024-41991
- https://access.redhat.com/security/cve/CVE-2024-42005
- https://www.cve.org/CVERecord?id=CVE-2024-42005
- https://nvd.nist.gov/vuln/detail/CVE-2024-42005
Affected packages
Red Hat:rhui:4::el8 / python-gunicorn
Package
- Name
- python-gunicorn
- Purl
- pkg:rpm/redhat/python-gunicorn
Red Hat:rhui:4::el8 / python3.11-gunicorn
Package
- Name
- python3.11-gunicorn
- Purl
- pkg:rpm/redhat/python3.11-gunicorn
Red Hat:rhui:4::el8 / python-sqlparse
Package
- Name
- python-sqlparse
- Purl
- pkg:rpm/redhat/python-sqlparse
Red Hat:rhui:4::el8 / python3.11-sqlparse
Package
- Name
- python3.11-sqlparse
- Purl
- pkg:rpm/redhat/python3.11-sqlparse
Red Hat:rhui:4::el8 / python-grpcio
Package
- Name
- python-grpcio
- Purl
- pkg:rpm/redhat/python-grpcio
Red Hat:rhui:4::el8 / python-grpcio-debugsource
Package
- Name
- python-grpcio-debugsource
- Purl
- pkg:rpm/redhat/python-grpcio-debugsource
Red Hat:rhui:4::el8 / python3.11-grpcio
Package
- Name
- python3.11-grpcio
- Purl
- pkg:rpm/redhat/python3.11-grpcio
Red Hat:rhui:4::el8 / python3.11-grpcio-debuginfo
Package
- Name
- python3.11-grpcio-debuginfo
- Purl
- pkg:rpm/redhat/python3.11-grpcio-debuginfo
Red Hat:rhui:4::el8 / python-cryptography
Package
- Name
- python-cryptography
- Purl
- pkg:rpm/redhat/python-cryptography
Red Hat:rhui:4::el8 / python-cryptography-debugsource
Package
- Name
- python-cryptography-debugsource
- Purl
- pkg:rpm/redhat/python-cryptography-debugsource
Red Hat:rhui:4::el8 / python3.11-cryptography
Package
- Name
- python3.11-cryptography
- Purl
- pkg:rpm/redhat/python3.11-cryptography
Red Hat:rhui:4::el8 / python3.11-cryptography-debuginfo
Package
- Name
- python3.11-cryptography-debuginfo
- Purl
- pkg:rpm/redhat/python3.11-cryptography-debuginfo
Red Hat:rhui:4::el8 / python-aiohttp
Package
- Name
- python-aiohttp
- Purl
- pkg:rpm/redhat/python-aiohttp
Red Hat:rhui:4::el8 / python-aiohttp-debugsource
Package
- Name
- python-aiohttp-debugsource
- Purl
- pkg:rpm/redhat/python-aiohttp-debugsource
Red Hat:rhui:4::el8 / python3.11-aiohttp
Package
- Name
- python3.11-aiohttp
- Purl
- pkg:rpm/redhat/python3.11-aiohttp
Red Hat:rhui:4::el8 / python3.11-aiohttp-debuginfo
Package
- Name
- python3.11-aiohttp-debuginfo
- Purl
- pkg:rpm/redhat/python3.11-aiohttp-debuginfo
Red Hat:rhui:4::el8 / python-jinja2
Package
- Name
- python-jinja2
- Purl
- pkg:rpm/redhat/python-jinja2
Red Hat:rhui:4::el8 / python3.11-jinja2
Package
- Name
- python3.11-jinja2
- Purl
- pkg:rpm/redhat/python3.11-jinja2
Red Hat:rhui:4::el8 / python-requests
Package
- Name
- python-requests
- Purl
- pkg:rpm/redhat/python-requests
Red Hat:rhui:4::el8 / python3.11-requests
Package
- Name
- python3.11-requests
- Purl
- pkg:rpm/redhat/python3.11-requests
Red Hat:rhui:4::el8 / python-django
Package
- Name
- python-django
- Purl
- pkg:rpm/redhat/python-django