Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1171 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1172 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1173 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1174 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1175 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1176 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1177 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1178 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1171 9.8
7.5 		CRITICAL
Network 		A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderb… CWE-416
 Use After Free 		CVE-2017-5435 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:* 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1172 9.8
7.5 		CRITICAL
Network 		A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a poten… CWE-416
 Use After Free 		CVE-2017-5433 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:* 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1173 9.8
7.5 		CRITICAL
Network 		An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This functio… CWE-190
 Integer Overflow or Wraparound 		CVE-2017-5428 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1174 9.8
7.5 		CRITICAL
Network 		Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-5410 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1175 5.3
5.0 		MEDIUM
Network 		Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This… CWE-200
Information Exposure 		CVE-2017-5408 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1176 6.5
4.3 		MEDIUM
Network 		Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history informatio… CWE-200
Information Exposure 		CVE-2017-5407 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1177 9.8
7.5 		CRITICAL
Network 		A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This … CWE-416
 Use After Free 		CVE-2017-5404 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1178 9.8
7.5 		CRITICAL
Network 		A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. Th… CWE-416
 Use After Free 		CVE-2017-5402 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1179 9.8
7.5 		CRITICAL
Network 		The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul… NVD-CWE-noinfo
CVE-2017-5390 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm
1180 7.5
5.0 		HIGH
Network 		Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an obj… CWE-200
Information Exposure 		CVE-2017-5378 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 12:27
2018-06-12 		Show GitHub Exploit DB Packet Storm