Red Hat Product Security provides the guidance, stability and security needed to confidently deploy enterprise solutions.

An Open Approach to Vulnerability Management

Over the years, Red Hat has published a large number of articles, blogs and other resources that describe different facets of how we handle security vulnerabilities in our products. Here we have provided a document that builds on those efforts with the aim to bring it all together and help our customers and communities better understand how Red Hat categorizes, addresses and responds to security vulnerabilities.

Download An Open Approach to Vulnerability Management.

Last updated: March 28, 2024

Video details

An Open Approach to Vulnerability Management

From Vincent Danen September 16th, 2022

This presentation was first given at the Calgary Security Symposium in spring 2022, and subsequently at Summit Connect events in the fall. Based on the Open Approach to Vulnerability Management whitepaper, this presentation describes Red Hat's methodology to vulnerability management in enterprise open source software.

Vulnerability support

• Security-related information is managed and provided by the Product Security team.
• Red Hat cannot give more detailed information in a support CASE than is provided on the CVE, Errata, or related Security Bulletin pages.
• Red Hat cannot provide information on mitigations or reproducers other than what is described on the CVE, Errata, or related Security Bulletin pages.