Red Hat Product Errata RHSA-2026:13512 - Security Advisory
Issued: 2026-05-04
Updated: 2026-05-04

Synopsis
Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

Type/Severity
Security Advisory: Important

Topic
An update is now available for Red Hat Ansible Automation Platform 2.5.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):

- automation-controller: Account hijacking and unauthorized access via unverified email linking (CVE-2026-6266)
- automation-controller: PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation) (CVE-2026-32597)
- automation-controller: denial of service via malformed HTML-like sequences (CVE-2025-69534)
- automation-controller: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves (CVE-2026-26007)
- automation-gateway: Account hijacking and unauthorized access via unverified email linking (CVE-2026-6266)
- automation-gateway: Rollup: Remote Code Execution via Path Traversal Vulnerability (CVE-2026-27606)
- automation-gateway: SVGO: Denial of Service via XML entity expansion (CVE-2026-29074)
- automation-gateway: ReDoS via $data reference (CVE-2025-69873)
- automation-gateway-proxy: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
- python3.12-django-ansible-base: Account hijacking and unauthorized access via unverified email linking (CVE-2026-6266)
- python3.12-markdown: denial of service via malformed HTML-like sequences (CVE-2025-69534)
- python3.12-jwcrypto: JWCrypto: Memory exhaustion via crafted compressed JWE tokens (CVE-2026-39373)
- python3.12-pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion (CVE-2026-30922)
- python3.12-pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID (CVE-2026-23490)
- python3.12-pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)
- receptor: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

For details about this release, refer to the release notes listed in the References section.

Solution
For details on how to apply this update, refer to the Ansible Automation Platform documentation.
Affected Products
- Red Hat Ansible Automation Platform 2.5 for RHEL 9 x86_64
- Red Hat Ansible Automation Platform 2.5 for RHEL 9 s390x
- Red Hat Ansible Automation Platform 2.5 for RHEL 9 ppc64le
- Red Hat Ansible Automation Platform 2.5 for RHEL 9 aarch64
- Red Hat Ansible Automation Platform 2.5 for RHEL 8 x86_64
- Red Hat Ansible Automation Platform 2.5 for RHEL 8 s390x
- Red Hat Ansible Automation Platform 2.5 for RHEL 8 ppc64le
- Red Hat Ansible Automation Platform 2.5 for RHEL 8 aarch64
- Red Hat Ansible Inside 1.3 for RHEL 9 x86_64
- Red Hat Ansible Inside 1.3 for RHEL 9 s390x
- Red Hat Ansible Inside 1.3 for RHEL 9 ppc64le
- Red Hat Ansible Inside 1.3 for RHEL 9 aarch64
- Red Hat Ansible Inside 1.3 for RHEL 8 x86_64
- Red Hat Ansible Inside 1.3 for RHEL 8 s390x
- Red Hat Ansible Inside 1.3 for RHEL 8 ppc64le
- Red Hat Ansible Inside 1.3 for RHEL 8 aarch64
- Red Hat Ansible Developer 1.2 for RHEL 9 x86_64
- Red Hat Ansible Developer 1.2 for RHEL 9 s390x
- Red Hat Ansible Developer 1.2 for RHEL 9 ppc64le
- Red Hat Ansible Developer 1.2 for RHEL 9 aarch64
- Red Hat Ansible Developer 1.2 for RHEL 8 x86_64
- Red Hat Ansible Developer 1.2 for RHEL 8 s390x
- Red Hat Ansible Developer 1.2 for RHEL 8 ppc64le
- Red Hat Ansible Developer 1.2 for RHEL 8 aarch64

Fixes
- BZ - 2430472 - CVE-2026-23490 pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
- BZ - 2438762 - CVE-2026-26007 cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
- BZ - 2439070 - CVE-2025-69873 ajv: ReDoS via $data reference
- BZ - 2442530 - CVE-2026-27606 rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability
- BZ - 2444839 - CVE-2025-69534 python-markdown: denial of service via malformed HTML-like sequences
- BZ - 2445132 - CVE-2026-29074 svgo: SVGO: Denial of Service via XML entity expansion
- BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url
- BZ - 2447194 - CVE-2026-32597 pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)
- BZ - 2448503 - CVE-2026-27459 pyOpenSSL: DTLS cookie callback buffer overflow
- BZ - 2448553 - CVE-2026-30922 pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
- BZ - 2456187 - CVE-2026-39373 JWCrypto: python-cryptography: python: JWCrypto: Memory exhaustion via crafted compressed JWE tokens
- BZ - 2458142 - CVE-2026-6266 aap-controller: aap-gateway: Account hijacking and unauthorized access via unverified email linking

CVEs
- CVE-2025-69534
- CVE-2025-69873
- CVE-2026-6266
- CVE-2026-23490
- CVE-2026-25679
- CVE-2026-26007
- CVE-2026-27459
- CVE-2026-27606
- CVE-2026-29074
- CVE-2026-30922
- CVE-2026-32597
- CVE-2026-39373

References
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/release_notes/patch_releases
- https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5#Upgrading
This Red Hat Ansible Automation Platform 2.5 update addresses multiple Important-rated vulnerabilities, including account hijacking via unverified email linking (CVE-2026-6266, CVSS 8.3), remote code execution via path traversal in automation-gateway, and denial-of-service flaws in several components. The advisory includes fixes for affected packages such as pyjwt (upgrade to 2.12.0) and python-markdown. Organizations should apply this platform update promptly to mitigate these security risks.