RHSA-2025:3490
- Source
- https://access.redhat.com/errata/RHSA-2025:3490
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2025:3490.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2025:3490
- Published
- 2025-04-02T10:06:08Z
- Modified
- 2025-04-03T10:06:57Z
- Severity
-
- 8.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: Satellite 6.16.4 Async Update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2025:3490
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/documentation/en-us/red_hat_satellite/6.16/html/updating_red_hat_satellite/index
- https://bugzilla.redhat.com/show_bug.cgi?id=2351231
- https://bugzilla.redhat.com/show_bug.cgi?id=2351767
- https://issues.redhat.com/browse/SAT-30808
- https://issues.redhat.com/browse/SAT-31568
- https://issues.redhat.com/browse/SAT-31569
- https://issues.redhat.com/browse/SAT-31570
- https://issues.redhat.com/browse/SAT-31572
- https://issues.redhat.com/browse/SAT-31576
- https://issues.redhat.com/browse/SAT-31577
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3490.json
- https://access.redhat.com/security/cve/CVE-2025-27407
- https://www.cve.org/CVERecord?id=CVE-2025-27407
- https://nvd.nist.gov/vuln/detail/CVE-2025-27407
- https://github.com/github-community-projects/graphql-client
- https://github.com/rmosolgo/graphql-ruby/commit/28233b16c0eb9d0fb7808f4980e061dc7507c4cd
- https://github.com/rmosolgo/graphql-ruby/commit/2d2f4ed1f79472f8eed29c864b039649e1de238f
- https://github.com/rmosolgo/graphql-ruby/commit/5c5a7b9a9bdce143be048074aea50edb7bb747be
- https://github.com/rmosolgo/graphql-ruby/commit/6eca16b9fa553aa957099a30dbde64ddcdac52ca
- https://github.com/rmosolgo/graphql-ruby/commit/d0963289e0dab4ea893bbecf12bb7d89294957bb
- https://github.com/rmosolgo/graphql-ruby/commit/d1117ae0361d9ed67e0795b07f5c3e98e62f3c7c
- https://github.com/rmosolgo/graphql-ruby/commit/e3b33ace05391da2871c75ab4d3b66e29133b367
- https://github.com/rmosolgo/graphql-ruby/security/advisories/GHSA-q92j-grw3-h492
- https://access.redhat.com/security/cve/CVE-2025-27610
- https://www.cve.org/CVERecord?id=CVE-2025-27610
- https://nvd.nist.gov/vuln/detail/CVE-2025-27610
- https://github.com/rack/rack/commit/50caab74fa01ee8f5dbdee7bb2782126d20c6583
- https://github.com/rack/rack/security/advisories/GHSA-7wqh-767x-r66v
Affected packages
Red Hat:satellite:6.16::el8 / rubygem-graphql
Package
- Name
- rubygem-graphql
- Purl
- pkg:rpm/redhat/rubygem-graphql
Red Hat:satellite:6.16::el9 / rubygem-graphql
Package
- Name
- rubygem-graphql
- Purl
- pkg:rpm/redhat/rubygem-graphql
Red Hat:satellite_capsule:6.16::el8 / rubygem-rack
Package
- Name
- rubygem-rack
- Purl
- pkg:rpm/redhat/rubygem-rack
Red Hat:satellite:6.16::el8 / rubygem-rack
Package
- Name
- rubygem-rack
- Purl
- pkg:rpm/redhat/rubygem-rack
Red Hat:satellite_capsule:6.16::el9 / rubygem-rack
Package
- Name
- rubygem-rack
- Purl
- pkg:rpm/redhat/rubygem-rack