What is RHSA-2020:3817?

RHSA-2020:3817 is a security advisory published by Red Hat Product Security with Medium severity. Red Hat Security Advisory: AMQ Clients 2.8.0 Release

Which CVE IDs does RHSA-2020:3817 cover?

RHSA-2020:3817 covers the following CVE IDs: CVE-2020-11113, CVE-2020-14297, CVE-2020-14307, CVE-2020-9488. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2020:3817?

RHSA-2020:3817 has a CVSS v3 base score of 8.1, published by Red Hat Product Security.

RHSA-2020:3817MediumCVSS 8.1

Red Hat Security Advisory: AMQ Clients 2.8.0 Release

Vendor

Red Hat Product Security

Published

September 23, 2020

Last Modified

May 29, 2026

🔗 CVE IDs covered (4)

CVE-2020-11113 →CVE-2020-14297 →CVE-2020-14307 →CVE-2020-9488 →

📋 Description

CVE-2020-9488 — log4j: improper validation of certificate with host mismatch in SMTP appender CVE-2020-11113 — jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime CVE-2020-14297 — wildfly: Some EJB transaction objects may get accumulated causing Denial of Service CVE-2020-14307 — wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service

🔗 References (11)

selfhttps://access.redhat.com/errata/RHSA-2020:3817
externalhttps://access.redhat.com/security/updates/classification/#moderate
externalhttps://access.redhat.com/documentation/en-us/red_hat_amq
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1821315
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1831139
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1851327
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1853595
externalhttps://issues.redhat.com/browse/ENTMQCL-1987
externalhttps://issues.redhat.com/browse/ENTMQCL-1988
externalhttps://issues.redhat.com/browse/ENTMQCL-2070
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3817.json