| Red Hat Enterprise Linux | Number Of NVD | 1680 | CRITICAL | 135 | HIGH | 590 | MEDIUM | 803 | LOW | 151 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1131 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 4 | 127 | 172 | 17 | |||
| 1132 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 43 | 314 | 444 | 50 | ||
| 1133 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 91 | 270 | 270 | 46 | |
| 1134 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 72 | 169 | 210 | 55 |
| 1135 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 1136 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 1137 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 1138 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1131 |
5.3 5.0 |
MEDIUM
Network |
Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and… |
CWE-1187
Use of Uninitialized Resource |
CVE-2017-5405 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1132 |
9.8 7.5 |
CRITICAL
Network |
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefo… |
CWE-388
7PK - Errors |
CVE-2017-5401 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1133 |
9.8 7.5 |
CRITICAL
Network |
A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 4… |
CWE-416
Use After Free |
CVE-2017-5396 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1134 |
7.3 7.5 |
HIGH
Network |
WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensio… |
NVD-CWE-noinfo
|
CVE-2017-5386 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1135 |
5.3 5.0 |
MEDIUM
Network |
URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability a… |
CWE-20
Improper Input Validation |
CVE-2017-5383 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1136 |
9.8 7.5 |
CRITICAL
Network |
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. |
CWE-416
Use After Free |
CVE-2017-5380 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1137 |
9.8 7.5 |
CRITICAL
Network |
Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. |
CWE-416
Use After Free |
CVE-2017-5376 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:27 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1138 |
9.8 7.5 |
CRITICAL
Network |
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird… |
CWE-416
Use After Free |
CVE-2016-9899 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:01 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1139 |
9.8 7.5 |
CRITICAL
Network |
Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. |
CWE-416
Use After Free |
CVE-2016-9898 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:01 2018-06-12 |
Show | GitHub Exploit DB Packet Storm | ||||
| 1140 |
6.1 4.3 |
MEDIUM
Network |
Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and… |
CWE-254
7PK - Security Features |
CVE-2016-9895 |
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 12:01 2018-06-12 |
Show | GitHub Exploit DB Packet Storm |