What is RHSA-2021:0417?

RHSA-2021:0417 is a security advisory published by Red Hat Product Security with Medium severity. Red Hat Security Advisory: Red Hat AMQ Broker 7.8.1 release and security update

Which CVE IDs does RHSA-2021:0417 cover?

RHSA-2021:0417 covers the following CVE IDs: CVE-2020-8908, CVE-2020-27218, CVE-2021-26118, CVE-2019-10768, CVE-2020-7676. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2021:0417?

RHSA-2021:0417 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHSA-2021:0417MediumCVSS 7.5

Red Hat Security Advisory: Red Hat AMQ Broker 7.8.1 release and security update

Vendor

Red Hat Product Security

Published

February 4, 2021

Last Modified

June 15, 2026

🔗 CVE IDs covered (5)

CVE-2020-8908 →CVE-2020-27218 →CVE-2021-26118 →CVE-2019-10768 →CVE-2020-7676 →

📋 Description

CVE-2019-10768 — AngularJS: Prototype pollution in merge function could result in code injection CVE-2020-7676 — nodejs-angular: XSS due to regex-based HTML replacement CVE-2020-8908 — guava: local information disclosure via temporary directory created with unsafe permissions CVE-2020-27218 — jetty: buffer not correctly recycled in Gzip Request inflation CVE-2021-26118 — 7: OpenWire can create destinations with an unpriviledged user

🔗 References (7)

selfhttps://access.redhat.com/errata/RHSA-2021:0417
externalhttps://access.redhat.com/security/updates/classification/#moderate
externalhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=jboss.amq.broker&version=7.8.1
externalhttps://access.redhat.com/documentation/en-us/red_hat_amq/7.8/
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1902826
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1906919
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0417.json