Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1704 CRITICAL 140 HIGH 597 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
161 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 7 18 16 3
162 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 9 134 183 18
163 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 48 321 454 51
164 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 96 277 280 47
165 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 76 170 212 56
166 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
167 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
168 Red Hat Enterprise Linux 3 3.0 0 33 44 17
169 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
161 9.8
-
CRITICAL
Network
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect S… CWE-22
Path Traversal
CVE-2023-3961 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 17:18
2023-11-3
Show GitHub Exploit DB Packet Storm
162 7.0
-
HIGH
Local
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local u… CWE-416
 Use After Free
CVE-2023-1476 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 16:39
2023-11-3
Show GitHub Exploit DB Packet Storm
163 7.5
-
HIGH
Network
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum s… CWE-755
 Improper Handling of Exceptional Conditions
CVE-2023-5824 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 17:42
2023-11-3
Show GitHub Exploit DB Packet Storm
164 6.5
-
MEDIUM
Network
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignor… CWE-276
Incorrect Default Permissions 
CVE-2023-4091 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 17:34
2023-11-3
Show GitHub Exploit DB Packet Storm
165 7.5
-
HIGH
Network
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. CWE-681
 Incorrect Conversion between Numeric Types
CVE-2023-46848 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 17:29
2023-11-3
Show GitHub Exploit DB Packet Storm
166 7.5
-
HIGH
Network
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP … CWE-120
Classic Buffer Overflow
CVE-2023-46847 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:29
2023-11-3
Show GitHub Exploit DB Packet Storm
167 5.3
-
MEDIUM
Network
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. CWE-444
HTTP Request Smuggling
CVE-2023-46846 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:29
2023-11-3
Show GitHub Exploit DB Packet Storm
168 5.5
-
MEDIUM
Local
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. CWE-617
 Reachable Assertion
CVE-2023-38473 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:13
2023-11-3
Show GitHub Exploit DB Packet Storm
169 5.5
-
MEDIUM
Local
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. CWE-787
 Out-of-bounds Write
CVE-2022-4900 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 16:36
2023-11-3
Show GitHub Exploit DB Packet Storm
170 5.5
-
MEDIUM
Local
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. CWE-617
 Reachable Assertion
CVE-2023-38470 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:13
2023-11-3
Show GitHub Exploit DB Packet Storm