Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
1201 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
1202 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
1203 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
1204 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
1205 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
1206 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1207 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1208 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1209 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
1201 8.8
6.8
HIGH
Network
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as… CWE-787
 Out-of-bounds Write
CVE-2017-5436 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1202 9.8
7.5
CRITICAL
Network
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderb… CWE-416
 Use After Free
CVE-2017-5435 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1203 9.8
7.5
CRITICAL
Network
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a poten… CWE-416
 Use After Free
CVE-2017-5433 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1204 9.8
7.5
CRITICAL
Network
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This functio… CWE-190
 Integer Overflow or Wraparound
CVE-2017-5428 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1205 9.8
7.5
CRITICAL
Network
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2017-5410 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1206 5.3
5.0
MEDIUM
Network
Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This… CWE-200
Information Exposure
CVE-2017-5408 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1207 6.5
4.3
MEDIUM
Network
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history informatio… CWE-200
Information Exposure
CVE-2017-5407 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1208 9.8
7.5
CRITICAL
Network
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This … CWE-416
 Use After Free
CVE-2017-5404 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1209 9.8
7.5
CRITICAL
Network
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. Th… CWE-416
 Use After Free
CVE-2017-5402 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm
1210 9.8
7.5
CRITICAL
Network
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vul… NVD-CWE-noinfo
CVE-2017-5390 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 12:27
2018-06-12
Show GitHub Exploit DB Packet Storm