diff --git a/release-notes/VERSION b/release-notes/VERSION
index e410c9787..9608bfd25 100644
--- a/release-notes/VERSION
+++ b/release-notes/VERSION
@@ -57,6 +57,7 @@ One more patch release for 1.9.
 * [databind#2659]: Block one more gadget type (aries.transaction.jms, CVE-2020-10672)
 * [databind#2660]: Block one more gadget type (caucho-quercus, CVE-2020-10673)
 * [databind#2662]: Block one more gadget type (bus-proxy, CVE-2020-10968)
+* [databind#2664]: Block one more gadget type (activemq-pool[-jms], CVE-2020-11111)
 1.9.13 (14-Jul-2013)
diff --git a/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java b/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java
index 5b8ac0cdd..90c12a4b1 100644
--- a/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java
+++ b/src/mapper/java/org/codehaus/jackson/map/jsontype/impl/SubTypeValidator.java
@@ -138,6 +138,18 @@ public class SubTypeValidator
 s.add("org.aoju.bus.proxy.provider.RmiProvider");
 s.add("org.aoju.bus.proxy.provider.remoting.RmiProvider");
+ // [databind#2664]: activemq-core, activemq-pool, activemq-pool-jms
+
+ s.add("org.apache.activemq.ActiveMQConnectionFactory"); // core
+ s.add("org.apache.activemq.ActiveMQXAConnectionFactory");
+ s.add("org.apache.activemq.spring.ActiveMQConnectionFactory");
+ s.add("org.apache.activemq.spring.ActiveMQXAConnectionFactory");
+ s.add("org.apache.activemq.pool.JcaPooledConnectionFactory"); // pool
+ s.add("org.apache.activemq.pool.PooledConnectionFactory");
+ s.add("org.apache.activemq.pool.XaPooledConnectionFactory");
+ s.add("org.apache.activemq.jms.pool.XaPooledConnectionFactory"); // pool-jms
+ s.add("org.apache.activemq.jms.pool.JcaPooledConnectionFactory");
+
 DEFAULT_NO_DESER_CLASS_NAMES = Collections.unmodifiableSet(s);
 }
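Review bot: The nine added `s.add(...)` lines list exact class names, and the lookup that consumes `DEFAULT_NO_DESER_CLASS_NAMES` is outside this hunk, so it is not visible whether subclasses or repackaged copies of these factories are also rejected; if the check is a plain name match, say so in the block comment, e.g. `// exact-name match only: subclasses are not covered`. The `// core`, `// pool` and `// pool-jms` markers trail only the first entry of each group, so a comment line ahead of each group would read more clearly. The pool-jms group has two entries where the pool group has three; a short remark on whether that is deliberate would help the next maintainer. The release note for [databind#2664] names only activemq-pool[-jms] while this comment also lists activemq-core, and the two should agree. The static initializer begins above the hunk.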