Red hat enterprise linux 8.8 extended update support
This hub aggregates every CVE we track for Red hat enterprise linux 8.8 extended update support. Use it to gauge the current risk picture and drill into individual advisories.
other
103
CVEs tracked
3
Critical
60
High
0
In CISA KEV
Severity distribution
HIGH60MEDIUM38CRITICAL3LOW2
Monthly trend
1
0
2
3
1
1
2
10
1
12
1
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat enterprise linux 8.8 extended update support.
- CVE-2025-4948Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup7.5
- CVE-2025-46421Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server6.8
- CVE-2025-46420Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c6.5
- CVE-2025-32911Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value9.0
- CVE-2025-32914Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process7.4
- CVE-2025-32906Libsoup: out of bounds reads in soup_headers_parse_request()7.5
- CVE-2025-32913Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header7.5
- CVE-2025-32053Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()6.5
- CVE-2025-32052Libsoup: heap buffer overflow in sniff_unknown()6.5
- CVE-2025-32050Libsoup: integer overflow in append_param_quoted5.9
- CVE-2025-32049Libsoup: denial of service attack to websocket server7.5
- CVE-2025-3155Yelp: arbitrary file read7.4
- CVE-2025-2784Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content7.0
- CVE-2024-8176Libexpat: expat: improper restriction of xml entity expansion depth in libexpat7.5
- CVE-2025-26601Xorg: xwayland: use-after-free in syncinittrigger()7.8
Product normalization is registry-driven with AI assist and human review. How it works