{"id":"RHSA-2025:15124","summary":"Red Hat Security Advisory: Satellite 6.16.5.3 Async Update","modified":"2026-03-21T10:11:28Z","published":"2025-09-04T10:03:34Z","upstream":["CVE-2024-49761"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15124"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322153"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-37580"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-37586"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15124.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-49761"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-49761"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49761"},{"type":"ARTICLE","url":"https://github.com/ruby/rexml/commit/ce59f2eb1aeb371fe1643414f06618dbe031979f"},{"type":"ARTICLE","url":"https://github.com/ruby/rexml/security/advisories/GHSA-2rxp-v6pw-ch6m"},{"type":"ARTICLE","url":"https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761"}],"affected":[{"package":{"name":"puppet-agent","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/puppet-agent"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.8.1-2.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppetserver","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/puppetserver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.6.2-3.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/satellite"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-capsule","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/satellite-capsule"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-cli","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/satellite-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-common","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/satellite-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite","ecosystem":"Red Hat:satellite_utils:6.16::el8","purl":"pkg:rpm/redhat/satellite"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-capsule","ecosystem":"Red Hat:satellite_utils:6.16::el8","purl":"pkg:rpm/redhat/satellite-capsule"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-cli","ecosystem":"Red Hat:satellite_utils:6.16::el8","purl":"pkg:rpm/redhat/satellite-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-common","ecosystem":"Red Hat:satellite_utils:6.16::el8","purl":"pkg:rpm/redhat/satellite-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppet-agent","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/puppet-agent"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.8.1-2.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppetserver","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/puppetserver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.6.2-3.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"rubygem-foreman_rh_cloud","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/rubygem-foreman_rh_cloud"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.7-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"rubygem-foreman_webhooks","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/rubygem-foreman_webhooks"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.4-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/satellite"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-capsule","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/satellite-capsule"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-cli","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/satellite-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-common","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/satellite-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppet-agent","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/puppet-agent"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.8.1-2.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppetserver","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/puppetserver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.6.2-3.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/satellite"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-capsule","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/satellite-capsule"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-cli","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/satellite-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-common","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/satellite-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite","ecosystem":"Red Hat:satellite_utils:6.16::el9","purl":"pkg:rpm/redhat/satellite"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-capsule","ecosystem":"Red Hat:satellite_utils:6.16::el9","purl":"pkg:rpm/redhat/satellite-capsule"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-cli","ecosystem":"Red Hat:satellite_utils:6.16::el9","purl":"pkg:rpm/redhat/satellite-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-common","ecosystem":"Red Hat:satellite_utils:6.16::el9","purl":"pkg:rpm/redhat/satellite-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppet-agent","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/puppet-agent"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.8.1-2.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"puppetserver","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/puppetserver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.6.2-3.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"rubygem-foreman_rh_cloud","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/rubygem-foreman_rh_cloud"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:10.0.7-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"rubygem-foreman_webhooks","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/rubygem-foreman_webhooks"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.2.4-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/satellite"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-capsule","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/satellite-capsule"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-cli","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/satellite-cli"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}},{"package":{"name":"satellite-common","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/satellite-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.16.5.3-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:15124.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}