Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1091 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1092 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1093 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1094 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1095 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1096 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1097 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1098 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1091 5.5
2.1 		MEDIUM
Local 		It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available fro… - CVE-2017-2625 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:23
2018-07-28 		Show GitHub Exploit DB Packet Storm
1092 5.3
4.3 		MEDIUM
Network 		It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail … CWE-295
Improper Certificate Validation  		CVE-2017-2623 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:23
2018-07-28 		Show GitHub Exploit DB Packet Storm
1093 8.1
5.5 		HIGH
Network 		A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthoriz… CWE-275
 Permission Issues 		CVE-2017-2590 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:23
2018-07-28 		Show GitHub Exploit DB Packet Storm
1094 7.4
5.8 		HIGH
Network 		A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and… CWE-310
Cryptographic Issues 		CVE-2017-12151 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:08
2018-07-27 		Show GitHub Exploit DB Packet Storm
1095 7.8
6.1 		HIGH
Local 		A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renam… - CVE-2018-10879 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-27 		Show GitHub Exploit DB Packet Storm
1096 6.5
6.4 		MEDIUM
Network 		A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator cou… - CVE-2017-12171 cpe:2.3:o:redhat:enterprise_linux:6.9:* 2024-11-21 12:08
2018-07-27 		Show GitHub Exploit DB Packet Storm
1097 6.5
4.0 		MEDIUM
Network 		An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could pote… - CVE-2017-7562 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:32
2018-07-27 		Show GitHub Exploit DB Packet Storm
1098 5.5
4.3 		MEDIUM
Local 		plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. T… CWE-22
Path Traversal 		CVE-2018-1002200 cpe:2.3:o:redhat:enterprise_linux:7.5:* 2024-11-21 12:40
2018-07-26 		Show GitHub Exploit DB Packet Storm
1099 5.5
7.1 		MEDIUM
Local 		Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cau… - CVE-2018-10880 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-25 		Show GitHub Exploit DB Packet Storm
1100 7.5
5.0 		HIGH
Network 		redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd. - CVE-2018-10869 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-20 		Show GitHub Exploit DB Packet Storm