Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
471 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
472 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
473 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
474 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
475 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
476 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
477 Red Hat Enterprise Linux 3 3.0 0 33 44 17
478 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
471 6.5
6.4 		MEDIUM
Network 		A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` A… CWE-200
CWE-346
Information Exposure
 Origin Validation Error 		CVE-2021-4024 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:36
2021-12-24 		Show GitHub Exploit DB Packet Storm
472 7.8
6.8 		HIGH
Local 		load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of… NVD-CWE-noinfo
CVE-2021-45463 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 15:32
2021-12-23 		Show GitHub Exploit DB Packet Storm
473 7.0
4.4 		HIGH
Local 		A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a s… CWE-362
Race Condition 		CVE-2021-44733 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:31
2021-12-23 		Show GitHub Exploit DB Packet Storm
474 7.8
6.8 		HIGH
Local 		stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated b… CWE-787
 Out-of-bounds Write 		CVE-2021-45078 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:31
2021-12-16 		Show GitHub Exploit DB Packet Storm
475 7.5
6.0 		HIGH
Network 		JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectio… CWE-502
 Deserialization of Untrusted Data 		CVE-2021-4104 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 15:36
2021-12-14 		Show GitHub Exploit DB Packet Storm
476 9.1
6.4 		CRITICAL
Network 		An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs pas… - CVE-2021-4048 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:36
2021-12-9 		Show GitHub Exploit DB Packet Storm
477 4.2
6.3 		MEDIUM
Local 		A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availabilit… - CVE-2021-3802 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:22
2021-11-30 		Show GitHub Exploit DB Packet Storm
478 5.6
6.8 		MEDIUM
Network 		A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Do… CWE-79
Cross-site Scripting 		CVE-2021-3672 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.7:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 15:22
2021-11-24 		Show GitHub Exploit DB Packet Storm
479 8.1
5.1 		HIGH
Network 		When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate ver… CWE-295
Improper Certificate Validation  		CVE-2021-3935 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 15:22
2021-11-23 		Show GitHub Exploit DB Packet Storm
480 5.5
2.1 		MEDIUM
Local 		An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. CWE-125
Out-of-bounds Read 		CVE-2021-43389 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:29
2021-11-5 		Show GitHub Exploit DB Packet Storm