What is RHSA-2020:5249?

RHSA-2020:5249 is a security advisory published by Red Hat Product Security with Medium severity. Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container

Which CVE IDs does RHSA-2020:5249 cover?

RHSA-2020:5249 covers the following CVE IDs: CVE-2019-18874, CVE-2020-7676, CVE-2020-7720, CVE-2020-7743, CVE-2020-11022, CVE-2020-11023. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2020:5249?

RHSA-2020:5249 has a CVSS v3 base score of 7.3, published by Red Hat Product Security.

RHSA-2020:5249MediumCVSS 7.3

Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container

Vendor

Red Hat Product Security

Published

November 30, 2020

Last Modified

June 13, 2026

🔗 CVE IDs covered (6)

CVE-2019-18874 →CVE-2020-7676 →CVE-2020-7720 →CVE-2020-7743 →CVE-2020-11022 →CVE-2020-11023 →

📋 Description

CVE-2019-18874 — python-psutil: Double free because of refcount mishandling CVE-2020-7676 — nodejs-angular: XSS due to regex-based HTML replacement CVE-2020-7720 — nodejs-node-forge: prototype pollution via the util.setPath function CVE-2020-7743 — mathjs: prototype pollution via the deepExtend function that runs upon configuration updates CVE-2020-11022 — jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method CVE-2020-11023 — jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods

🔗 References (5)

selfhttps://access.redhat.com/errata/RHSA-2020:5249
externalhttps://access.redhat.com/security/updates/classification/#moderate
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1828406
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1850004
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5249.json