| Red Hat Enterprise Linux | Number Of NVD | 1680 | CRITICAL | 135 | HIGH | 590 | MEDIUM | 803 | LOW | 151 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 141 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 4 | 127 | 172 | 17 | |||
| 142 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 43 | 314 | 444 | 50 | ||
| 143 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 91 | 270 | 270 | 46 | |
| 144 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 72 | 169 | 210 | 55 |
| 145 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 146 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 147 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 148 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 141 |
7.5 - |
HIGH
Network |
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. |
CWE-681
Incorrect Conversion between Numeric Types |
CVE-2023-46848 | cpe:2.3:o:redhat:enterprise_linux:9.0:* |
2024-11-21 17:29 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 142 |
7.5 - |
HIGH
Network |
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP … |
CWE-120
Classic Buffer Overflow |
CVE-2023-46847 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:29 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 143 |
5.3 - |
MEDIUM
Network |
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. |
CWE-444
HTTP Request Smuggling |
CVE-2023-46846 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:29 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 144 |
5.5 - |
MEDIUM
Local |
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. |
CWE-617
Reachable Assertion |
CVE-2023-38473 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:13 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 145 |
5.5 - |
MEDIUM
Local |
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. |
CWE-787
Out-of-bounds Write |
CVE-2022-4900 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 16:36 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 146 |
5.5 - |
MEDIUM
Local |
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. |
CWE-617
Reachable Assertion |
CVE-2023-38470 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:13 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 147 |
5.5 - |
MEDIUM
Local |
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. |
CWE-617
Reachable Assertion |
CVE-2023-38472 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:13 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 148 |
5.5 - |
MEDIUM
Local |
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. |
CWE-617
Reachable Assertion |
CVE-2023-38471 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:13 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 149 |
5.5 - |
MEDIUM
Local |
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. |
CWE-617
Reachable Assertion |
CVE-2023-38469 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* |
2024-11-21 17:13 2023-11-3 |
Show | GitHub Exploit DB Packet Storm | ||||
| 150 |
5.5 - |
MEDIUM
Local |
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a c… |
CWE-787
Out-of-bounds Write |
CVE-2023-3164 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2024-11-21 17:16 2023-11-2 |
Show | GitHub Exploit DB Packet Storm |