RHSA-2026:0406
Vulnerability from csaf_redhat - Published: 2026-01-08 19:34 - Updated: 2026-01-14 02:27Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0406",
"url": "https://access.redhat.com/errata/RHSA-2026:0406"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68664",
"url": "https://access.redhat.com/security/cve/CVE-2025-68664"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.4/html/red_hat_ansible_automation_platform_release_notes/asynchronous_updates",
"url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.4/html/red_hat_ansible_automation_platform_release_notes/asynchronous_updates"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0406.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update",
"tracking": {
"current_release_date": "2026-01-14T02:27:19+00:00",
"generator": {
"date": "2026-01-14T02:27:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0406",
"initial_release_date": "2026-01-08T19:34:46+00:00",
"revision_history": [
{
"date": "2026-01-08T19:34:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-08T19:34:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T02:27:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256%3A876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform\u0026tag=1767615183"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256%3Aef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform\u0026tag=1767615136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"product_id": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel8@sha256%3A0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24\u0026tag=1767342459"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"product_id": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel8@sha256%3Aa1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24\u0026tag=1767342459"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x",
"product_id": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel8@sha256%3Adc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24\u0026tag=1767342459"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"product": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"product_id": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lightspeed-rhel8@sha256%3Ac119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24\u0026tag=1767342459"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64 as a component of Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64 as a component of Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le as a component of Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x as a component of Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x"
},
"product_reference": "registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64 as a component of Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64 as a component of Red Hat Ansible Automation Platform 2.4",
"product_id": "Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64"
},
"product_reference": "registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64",
"relates_to_product_reference": "Red Hat Ansible Automation Platform 2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68664",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-12-23T23:00:49.746016+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2424790"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in LangChain, a framework for building agents and LLM-powered applications. A remote attacker can exploit a serialization injection vulnerability in LangChain\u0027s `dumps()` and `dumpd()` functions. This occurs because the functions do not properly escape dictionaries containing the internal \u0027lc\u0027 key during serialization. When user-controlled data includes this key structure, it is incorrectly processed as a legitimate LangChain object during deserialization, potentially leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "langchain-core: LangChain: Arbitrary code execution via serialization injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Critical for Red Hat products. A serialization injection flaw in LangChain\u0027s `dumps()` and `dumpd()` functions allows remote attackers to achieve arbitrary code execution. This occurs when user-controlled data containing the internal \u0027lc\u0027 key is improperly deserialized as a legitimate LangChain object.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x"
],
"known_not_affected": [
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68664"
},
{
"category": "external",
"summary": "RHBZ#2424790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424790"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68664"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/commit/5ec0fa69de31bbe3d76e4cf9cd65a6accb8466c8",
"url": "https://github.com/langchain-ai/langchain/commit/5ec0fa69de31bbe3d76e4cf9cd65a6accb8466c8"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6",
"url": "https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/pull/34455",
"url": "https://github.com/langchain-ai/langchain/pull/34455"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/pull/34458",
"url": "https://github.com/langchain-ai/langchain/pull/34458"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.81",
"url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.81"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.5",
"url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.5"
},
{
"category": "external",
"summary": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm",
"url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm"
}
],
"release_date": "2025-12-23T22:47:44.084000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T19:34:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.4#Installation%20and%20upgrade",
"product_ids": [
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0406"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:0bb8228df7b60eb4bb4380fab098600ce5016702ca28972f5f94849bb87754d4_amd64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:a1f1aafd41f628d0e7d2e4a8cab367a390619b1b21594c99932bc1b3fb18f94d_arm64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:c119e0c4cb1cca9081a30abfec209ae540e8966645c2815703390a654993fe3c_ppc64le",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform-24/lightspeed-rhel8@sha256:dc488fda76effe0b112c876d1cd22dda60c3296afb268379675243a539e04941_s390x",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:876e816eff5c92c30026a2ff2eea045b91b7cda01ee949f081d6c3b9a33e32fd_amd64",
"Red Hat Ansible Automation Platform 2.4:registry.redhat.io/ansible-automation-platform/platform-operator-bundle@sha256:ef1ca7ef90b6fadc5cd9a5a8bac1d0fe29b78514cba562413961a567c84f615d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "langchain-core: LangChain: Arbitrary code execution via serialization injection"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…